chore: initial commit

.gitignore

@@ -0,0 +1,13 @@
+/.vs
+.DS_Store
+.Thumbs.db
+*.sublime*
+.idea/
+debug.log
+package-lock.json
+.vscode/settings.json
+
+/.tauri
+/target
+Cargo.lock
+node_modules/

Cargo.toml

@@ -0,0 +1,18 @@
+[package]
+name = "tauri-plugin-cors-fetch"
+version = "1.0.0"
+authors = [ "[email protected]" ]
+description = ""
+edition = "2021"
+rust-version = "1.70"
+exclude = ["/examples", "/node_modules"]
+links = "tauri-plugin-cors-fetch"
+
+[dependencies]
+tauri = { version = "2.0.0-beta.11" }
+tauri-plugin-http = "2.0.0-beta.3"
+once_cell = "1.19.0"
+tokio = { version = "1.36.0", features = ["macros"] }
+
+[build-dependencies]
+tauri-plugin = { version = "2.0.0-beta.9", features = ["build"] }

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 Del.Wang
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,74 @@
+# tauri-plugin-cors-fetch
+
+A Tauri plugin that enables seamless cross-origin resource sharing (CORS) for web fetch requests within Tauri applications.
+
+## Overview
+
+When developing cross-platform desktop applications with [Tauri](https://tauri.app), you may encounter CORS restrictions that prevent direct access to certain web resources, such as [OpenAI](https://openai.com/product) services. While the official [tauri-plugin-http](https://docs.rs/crate/tauri-plugin-http/latest) can achieve CORS bypassing, it requires adapting your network requests and may not be compatible with third-party dependencies.
+
+`tauri-plugin-cors-fetch` provides a transparent solution by automatically intercepting and modifying outgoing `fetch` requests, adding the necessary headers to bypass CORS restrictions. This allows you to continue using the standard `fetch` API without the need for additional code changes or workarounds.
+
+**Features**
+
+- **CORS Bypass**: Automatically handles CORS restrictions for `fetch` requests.
+- **Seamless Integration**: Use the standard `fetch` API without modifications.
+- **Flexible Configuration**: Enable CORS globally or on a per-request basis.
+
+## Installation
+
+Add the plugin to your Tauri project's dependencies:
+
+```toml
+# Cargo.toml
+[
+dependencies
+]
+tauri-cors-fetch-hook = "1.0.0"
+```
+
+Then, initialize the plugin in your Tauri application setup:
+
+```rust
+// main.rs
+fn main() {
+    tauri::Builder::default()
+        .plugin(tauri_cors_fetch_hook::init())
+        .run(tauri::generate_context!())
+        .expect("failed to run app");
+}
+```
+
+After installing and initializing the plugin, you can start making `fetch` requests from your Tauri application without encountering CORS-related errors.
+
+```javascript
+// For global configuration (default is true when the app starts)
+window.enableCORSFetch(true);
+
+// Use the hooked fetch
+fetch("https://example.com/api")
+  .then((response) => response.json())
+  .then((data) => console.log(data))
+  .catch((error) => console.error(error));
+
+// Or, explicitly call window.corsFetch (even if the global switch is off)
+window.corsFetch("https://example.com/api");
+```
+
+Note: To allow requests, you may need to update your Content Security Policy (CSP) to include `x-http` and `x-https` protocols:
+
+```json
+"csp": "default-src x-http: x-https: 'self'; connect-src ipc: http://ipc.localhost"
+```
+
+## How it Works
+
+This plugin registers custom `x-http` and `x-https` protocols for Tauri applications. During webpage initialization, it hooks the browser's native `fetch` method and redirects `http` and `https` requests to the `x-http` and `x-https` custom protocols. All traffic then goes through local native requests, and the plugin adds CORS-related headers to the response headers, effectively bypassing CORS.
+
+## Limitation
+
+1. Requires Tauri version 2.0 or later. Only desktop platforms are supported; iOS and Android have not been tested.
+2. Does not support `XMLHttpRequest` (XHR) requests. It is designed specifically to work with the modern `fetch` API.
+
+## License
+
+This project is licensed under the MIT License.

build.rs

@@ -0,0 +1,5 @@
+const COMMANDS: &[&str] = &["cancel_cors_request"];
+
+fn main() {
+    tauri_plugin::Builder::new(COMMANDS).build();
+}

permissions/autogenerated/commands/cancel_cors_request.toml

@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-cancel-cors-request"
+description = "Enables the cancel_cors_request command without any pre-configured scope."
+commands.allow = ["cancel_cors_request"]
+
+[[permission]]
+identifier = "deny-cancel-cors-request"
+description = "Denies the cancel_cors_request command without any pre-configured scope."
+commands.deny = ["cancel_cors_request"]

permissions/autogenerated/reference.md

@@ -0,0 +1,4 @@
+| Permission | Description |
+|------|-----|
+|`allow-cancel-cors-request`|Enables the cancel_cors_request command without any pre-configured scope.|
+|`deny-cancel-cors-request`|Denies the cancel_cors_request command without any pre-configured scope.|