+static void uh_ubus_add_cors_headers(struct client *cl)
+{
+ struct blob_attr *tb[__HDR_MAX];
+ static const struct blobmsg_policy hdr_policy[__HDR_MAX] = {
+ [HDR_ORIGIN] = { "origin", BLOBMSG_TYPE_STRING },
+ [HDR_ACCESS_CONTROL_REQUEST_METHOD] = { "access-control-request-method", BLOBMSG_TYPE_STRING },
+ [HDR_ACCESS_CONTROL_REQUEST_HEADERS] = { "access-control-request-headers", BLOBMSG_TYPE_STRING },
+ };
+
+ blobmsg_parse(hdr_policy, __HDR_MAX, tb, blob_data(cl->hdr.head), blob_len(cl->hdr.head));
+
+ if (!tb[HDR_ORIGIN])
+ return;
+
+ if (tb[HDR_ACCESS_CONTROL_REQUEST_METHOD])
+ {
+ char *hdr = (char *) blobmsg_data(tb[HDR_ACCESS_CONTROL_REQUEST_METHOD]);
+
+ if (strcmp(hdr, "POST") && strcmp(hdr, "OPTIONS"))
+ return;
+ }
+
+ ustream_printf(cl->us, "Access-Control-Allow-Origin: %s\r\n",
+ blobmsg_data(tb[HDR_ORIGIN]));
+
+ if (tb[HDR_ACCESS_CONTROL_REQUEST_HEADERS])
+ ustream_printf(cl->us, "Access-Control-Allow-Headers: %s\r\n",
+ blobmsg_data(tb[HDR_ACCESS_CONTROL_REQUEST_HEADERS]));
+
+ ustream_printf(cl->us, "Access-Control-Allow-Methods: POST, OPTIONS\r\n");
+ ustream_printf(cl->us, "Access-Control-Allow-Credentials: true\r\n");
+}
+