Allow cross-origin access to web server

[mklein994]

I'm experimenting with creating a way to control profiles remotely (i.e. from my phone), and encountered a missing CORS header Access-Control-Allow-Origin error when making requests from my local web server. I'm not too familiar with how CORS or NAT should be set up to make it possible, but when I added this it worked:

diff --git a/src/Artemis.Core/Services/WebServer/WebServerService.cs b/src/Artemis.Core/Services/WebServer/WebServerService.cs
index 263d9531..52aeaa43 100644
--- a/src/Artemis.Core/Services/WebServer/WebServerService.cs
+++ b/src/Artemis.Core/Services/WebServer/WebServerService.cs
@@ -124,6 +124,7 @@ private WebServer CreateWebServer()
         PluginsModule.ServerUrl = $"http://localhost:{_webServerPortSetting.Value}/";
         WebServer server = new WebServer(o => o.WithUrlPrefix($"http://*:{_webServerPortSetting.Value}/").WithMode(HttpListenerMode.EmbedIO))
             .WithLocalSessionManager()
+            .WithCors()
             .WithModule(PluginsModule);
 
         // Add registered modules

Reference to code:

Artemis/src/Artemis.Core/Services/WebServer/WebServerService.cs

Lines 125 to 127 in c901bce

	WebServer server = new WebServer(o => o.WithUrlPrefix($"http://*:{_webServerPortSetting.Value}/").WithMode(HttpListenerMode.EmbedIO))
	.WithLocalSessionManager()
	.WithModule(PluginsModule);

As far as I can tell, this is basically the same as adding Access-Control-Allow-Origin: * to the response headers. Could there be a way expose this via settings, possibly with custom values?

[RobertBeekman]

Hi, yeah I'm not against making CORS a setting, I'll have to experiment a little bit with this to make sure I know what the implications of this change are.

The main concern is accidentally exposing things publically, either directly or indirectly