Add CORS support to blackd (#627)

See issue #622. Use aiohttp-cors to allow cross-origin requests to blackd,
and add a dependency on it to the pipfile.

Pipfile

@@ -10,6 +10,7 @@ click = ">=6.5"
 appdirs = "*"
 toml = ">=0.9.4"
 black = {editable = true, path = ".", extras = ["d"]}
+aiohttp-cors = "*"
 
 [dev-packages]
 pre-commit = "*"

blackd.py

@@ -4,6 +4,7 @@
 import logging
 
 from aiohttp import web
+import aiohttp_cors
 import black
 import click
 
@@ -17,6 +18,15 @@
 SKIP_NUMERIC_UNDERSCORE_NORMALIZATION_HEADER = "X-Skip-Numeric-Underscore-Normalization"
 FAST_OR_SAFE_HEADER = "X-Fast-Or-Safe"
 
+BLACK_HEADERS = [
+    VERSION_HEADER,
+    LINE_LENGTH_HEADER,
+    PYTHON_VARIANT_HEADER,
+    SKIP_STRING_NORMALIZATION_HEADER,
+    SKIP_NUMERIC_UNDERSCORE_NORMALIZATION_HEADER,
+    FAST_OR_SAFE_HEADER,
+]
+
 
 @click.command(context_settings={"help_option_names": ["-h", "--help"]})
 @click.option(
@@ -35,7 +45,18 @@ def main(bind_host: str, bind_port: int) -> None:
 def make_app() -> web.Application:
     app = web.Application()
     executor = ProcessPoolExecutor()
-    app.add_routes([web.post("/", partial(handle, executor=executor))])
+
+    cors = aiohttp_cors.setup(app)
+    resource = cors.add(app.router.add_resource("/"))
+    cors.add(
+        resource.add_route("POST", partial(handle, executor=executor)),
+        {
+            "*": aiohttp_cors.ResourceOptions(
+                allow_headers=(*BLACK_HEADERS, "Content-Type"), expose_headers="*"
+            )
+        },
+    )
+
     return app