Correctly setup CORS for the webui

[FrostyCoolSlug]

The WebUI currently misconfigures CORS if --http-enable-cors is enabled, as it will only accept 'external' requests from localhost.

Look into providing a cleaner method of allowing users to define acceptable hosts (defaulting to localhost if none are defined).

[bonsai-rishabh]

Does this issue still need work? I would be willing to try this out if needed.

[FrostyCoolSlug]

Yea, this is still needed (you can't load profiles in the UIs Dev mode when bind address is set), so I'd appreciate any help :)

[bonsai-rishabh]

Sounds good, if you have any ideas on where to start looking for this too I would appreciate that. Feel free to assign this to me for now

[FrostyCoolSlug]

You'll need to start in cli.rs to add a new command line parameter which allows for a list of strings (might be best to check the clap documentation to see if there's a native way to handle that), then in main.rs, similar to the bind address, have defaults if cors is enabled but that CLI value is not set. Pass it into the HttpSettings struct, then inside the web server code adjust the CORS settings based on the values.

[bonsai-rishabh]

Thanks for the tips, I will start reading up the codebase, also wondering if there were any particular guidelines on branches/branch names or anything I should keep in mind before I start writing anything?

[FrostyCoolSlug]

Nothing overt at the moment, the main key is that you'll want to make sure you're working off the latest Dev branch (dev-1.0.0 currently) and send your PR into that branch, once 1.0 is released I may tighten that up a bit, but for now it's sufficient.