From 25dc781a8e6d441caef1c55f42f3d0d10e582412 Mon Sep 17 00:00:00 2001
From: Michael Stapelberg <michael@stapelberg.de>
Date: Wed, 26 Dec 2018 16:15:14 +0100
Subject: [PATCH] Set Access-Control-Allow-Origin header to load external CSS
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

With Chrome 70, I didn’t get the bootstrap CSS files anymore.
---
 status.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/status.go b/status.go
index 5f96277..4753723 100644
--- a/status.go
+++ b/status.go
@@ -100,6 +100,8 @@ func initStatus(services []*service) {
 		}
 	})
 	http.HandleFunc("/status", func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("Access-Control-Allow-Origin", "*")
+
 		token := xsrfTokenFromCookies(r.Cookies())
 		if token == 0 {
 			// Only generate a new XSRF token if the old one is expired, so that
@@ -140,6 +142,8 @@ func initStatus(services []*service) {
 	})
 
 	http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("Access-Control-Allow-Origin", "*")
+
 		var st unix.Statfs_t
 		if err := unix.Statfs("/perm", &st); err != nil {
 			log.Printf("could not stat /perm: %v", err)