Setting CORS header

[pulcheri]

First, thanks for the great framework - I really enjoy using Spock! Although, as have been mentioned elsewhere lack of documentation of advanced features is frustrating. For instance, I'd like to be able to set "Access-Control-Allow-Origin: *" response header - how is that possible?

[agrafix]

I think a good idea is to use a prehook in combination with setHeader.

Something like this should work:

corsHeader =
  do ctx <- getContext
     setHeader "Access-Control-Allow-Origin" "*"
     pure ctx

myApp =
  prehook corsHeader $
  do get ("my" <//> "cool" <//> "path") $ ...

[cstrahan]

I think you want to do something more like this (using hookAny):

corsHeader =
  do ctx <- getContext
     setHeader "Access-Control-Allow-Origin" "*"
     setHeader "Access-Control-Allow-Headers" "Content-Type"
     pure ctx

myApp =
  do hookAny OPTIONS (\path -> corsHeader)
     get ("my" <//> "cool" <//> "path") $ ...

That's what I used in a recent app.