From 5b15e3d7906f91d07b5cb22b879b0f329b0b5c20 Mon Sep 17 00:00:00 2001
From: sbluhm <stefan.bluhm@clacee.eu>
Date: Sun, 20 Sep 2020 20:18:50 +0200
Subject: [PATCH] Added custom header handler.

---
 Configuration.md      | 13 +++++++++++++
 configuration.c       | 17 +++++++++++++++++
 configuration.h       |  9 +++++++++
 package-with/conf.xml | 11 ++++++++++-
 webdavd.c             |  5 +++++
 5 files changed, 54 insertions(+), 1 deletion(-)

diff --git a/Configuration.md b/Configuration.md
index 4842b74..379a1c5 100644
--- a/Configuration.md
+++ b/Configuration.md
@@ -177,6 +177,19 @@ Example
         <server><listen><port>80</port></listen></server>
     </server-config>
 
+
+## `<add-header>`
+It is possible to add custom response headers to the outgoing transactions by using `<add-header>` tags. This can for example be useful if you need to configure Cross Origin Resource Sharing (CORS).The headers are added to all outgoing reponses of the instance.
+
+The header name needs to be added to the tag attribute `name`. Its corresponding value is included inside the tags.
+
+Example
+
+    <server-config xmlns="http://couling.me/webdavd">
+        <add-header name="Access-Control-Allow-Origin">'https://www.example.com'</add-header>
+        <server><listen><port>80</port></listen></server>
+    </server-config>
+
 ## `<error-log>`
 The location to write the error log.  If unspecified the error log will be written to the stderr.
 
diff --git a/configuration.c b/configuration.c
index b361117..0a573d4 100644
--- a/configuration.c
+++ b/configuration.c
@@ -269,6 +269,22 @@ static int configResponseDir(WebdavdConfiguration * config, xmlTextReaderPtr rea
 	return result;
 }
 
+static int configAddHeader(WebdavdConfiguration * config, xmlTextReaderPtr reader, const char * configFile) {
+	//<add-header name="Access-Control-Allow-Headers">cache-control</add-header>
+
+	// keep track of the number of headers
+	int index = config->addHeadersCount++;
+
+	// increase the size of the config-->addHeaders memory area
+	config->addHeaders = reallocSafe(config->addHeaders, sizeof(*config->addHeaders) * config->addHeadersCount);
+	memset(&config->addHeaders[index], 0, sizeof(config->addHeaders[index]));
+
+	// add the values to the configurations
+	config->addHeaders[index].name = xmlTextReaderGetAttribute(reader, "name");
+	int result = readConfigString(reader, &config->addHeaders[index].value);
+	return result;
+}
+
 ///////////////////////////
 // End Handler Functions //
 ///////////////////////////
@@ -290,6 +306,7 @@ static int compareConfigFunction(const void * a, const void * b) {
 // This MUST be sorted in aplabetical order (for nodeName).  The array is binary-searched.
 static const ConfigurationFunction configFunctions[] = {
 		{ .nodeName = "access-log", .func = &configAccessLog },                // <access-log />
+		{ .nodeName = "add-header", .func = &configAddHeader },                // <add-header />
 		{ .nodeName = "chroot-path", .func = &configChroot },                  // <chroot />
 		{ .nodeName = "error-log", .func = &configErrorLog },                  // <error-log />
 		{ .nodeName = "listen", .func = &configListen },                       // <listen />
diff --git a/configuration.h b/configuration.h
index 15703af..c745c26 100644
--- a/configuration.h
+++ b/configuration.h
@@ -16,6 +16,11 @@ typedef struct DaemonConfig {
 	const char * forwardToHost;
 } DaemonConfig;
 
+typedef struct AddHeaders {
+	const char * name;
+	const char * value;
+} AddHeaders;
+
 typedef struct SSLConfig {
 	int chainFileCount;
 	const char * keyFile;
@@ -51,6 +56,10 @@ typedef struct WebdavdConfiguration {
 	// SSL
 	int sslCertCount;
 	SSLConfig * sslCerts;
+
+	// Additional Headers
+	int addHeadersCount;
+	AddHeaders * addHeaders;
 } WebdavdConfiguration;
 
 extern WebdavdConfiguration config;
diff --git a/package-with/conf.xml b/package-with/conf.xml
index e31fc6e..1ddb00a 100644
--- a/package-with/conf.xml
+++ b/package-with/conf.xml
@@ -53,7 +53,7 @@
 		</listen>
 
 
-		<!-- The authenticated session life span (has secirity implications). Sessions 
+		<!-- The authenticated session life span (has security implications). Sessions 
 			will stay open for this length of time and user/passwords matching the session 
 			may not be checked with PAM. For this reason it is best to leave this open 
 			only for a few minutes incase the system password changes. default: 5:00 
@@ -119,5 +119,14 @@
 
 		<!-- As required.... -->
 		<!-- <ssl-cert> ... </ssl-cert> -->
+
+
+		<!-- Add custom reply headers here. This can for example be useful if you need
+		     to configure Cross Origin Resource Sharing (CORS). -->
+
+		<!-- <add-header name="Access-Control-Allow-Origin">'https://www.example.com'</add-header> -->
+		<!-- <add-header name="Access-Control-Allow-Headers">'cache-control'</add-header> -->
+
+
 	</server>
 </server-config>
diff --git a/webdavd.c b/webdavd.c
index a332942..edee304 100644
--- a/webdavd.c
+++ b/webdavd.c
@@ -1216,6 +1216,11 @@ static Response * createFdResponse(int fd, uint64_t offset, uint64_t size, const
 	addHeader(response, "Expires", "Thu, 19 Nov 1980 00:00:00 GMT");
 	addHeader(response, "Cache-Control", "no-store, no-cache, must-revalidate, post-check=0, pre-check=0");
 	addHeader(response, "Pragma", "no-cache");
+        // Adding additional headers from the config file
+        for (int i = 0; i < config.addHeadersCount; i++) {
+            addHeader(response, config.addHeaders[i].name, config.addHeaders[i].value);
+        }
+
 	return response;
 }