Add CORS settings (#159)

api/rds.proto

@@ -101,6 +101,23 @@ message RouteMatch {
   repeated HeaderMatcher headers = 6;
 }
 
+message CorsPolicy {
+  // Specifies the origins that will be allowed to do CORS requests.
+  repeated string allow_origin = 1;
+  // Specifies the content for the access-control-allow-methods header.
+  string allow_methods = 2;
+  // Specifies the content for the access-control-allow-headers header.
+  string allow_headers = 3;
+  // Specifies the content for the access-control-expose-headers header.
+  string expose_headers = 4;
+  // Specifies the content for the access-control-max-age header.
+  string max_age = 5;
+  // Specifies whether the resource allows credentials.
+  google.protobuf.BoolValue allow_credentials = 6;
+  // Specifies if CORS is enabled. Defaults to true. Only effective on route.
+  google.protobuf.BoolValue enabled = 7;
+}
+
 message RouteAction {
   oneof cluster_specifier {
     // Indicates the upstream cluster to which the request should be routed
@@ -251,6 +268,9 @@ message RouteAction {
   // Redirects, timeouts and retries are not supported on routes where
   // websocket upgrades are allowed.
   google.protobuf.BoolValue use_websocket = 16;
+
+  // Indicates that the route has a CORS policy.
+  CorsPolicy cors = 17;
 }
 
 message RedirectAction {
@@ -438,6 +458,9 @@ message VirtualHost {
   // handled by this virtual host. In the presence of duplicate header keys,
   // precedence rules apply.
   repeated HeaderValueOption request_headers_to_add = 7;
+
+  // Indicates that the virtual host has a CORS policy.
+  CorsPolicy cors = 8;
 }
 
 message RouteConfiguration {