Specify allowed origins with an env variable

src/server.ts

@@ -18,8 +18,8 @@ const server = http.createServer((req, res) => {
   switch (req.url) {
     case '/run':
       const jobId = generateId();
-      const code = "echo a";
-      const image = "ghcr.io/moshell-lang/moshell:master";
+      const code = 'echo a';
+      const image = 'ghcr.io/moshell-lang/moshell:master';
       const buffer = Buffer.allocUnsafe(jobId.length + image.length + code.length + 8);
       buffer.write(jobId, 0);
       buffer.writeUInt32BE(image.length, jobId.length);
@@ -30,11 +30,12 @@ const server = http.createServer((req, res) => {
         'Content-Type': 'text/event-stream',
         Connection: 'keep-alive',
         'Cache-Control': 'no-cache',
+        'Access-Control-Allow-Origin': process.env.ALLOW_ORIGIN || '*',
       });
       sender.send(buffer).then(() => {
         res.write('event: connected\n');
         res.write(`data: ${jobId}\n`);
-        res.write('id: 0\n');
+        res.write('id: 0\n\n');
       });
       req.on('close', () => {
         res.end('OK');
@@ -60,5 +61,5 @@ for await (const [buff] of receiver) {
   }
   res.write('event: message\n');
   res.write(`data: ${encodeURIComponent(buff.subarray(32).toString())}\n`);
-  res.write('id: 0\n');
+  res.write('id: 1\n\n');
 }