Feature Request: CORS fallback for OpenAI API compatible endpoints

[DK013]

Prerequisites

• I am running the latest code. Mention the version if possible as well.
• I carefully followed the README.md.
• I searched using keywords relevant to my issue to make sure that I am creating a new issue that is not already open (or closed).
• I reviewed the Discussions, and have a new and useful enhancement to share.

Feature Description

Problem:

The response header for CORS is set from using request Origin header in the code:
res.set_header("Access-Control-Allow-Origin", req.get_header_value("Origin"));

When using with SDKs like openai js sdk or langchain-js, while testing with a custom frontend, the browser thrown CORS error.
For example, I'm testing everything in local, my frontend is running on localhost:5173 (vite dev server), sending request to localhost:8080 (llamafile server) but Origin header is not present in my request and it's not possible to add custom headers with openai-js-sdk. This applies for both llamafile and whisperfile servers. and all their endpoints.

Motivation

Testing use cases, compatibility with supported libraries and SDKs for PoC.

Possible Implementation

Proposal:

I went through a lot of discussions, and since this server is not ready for production, and I'm sure most people using it for local development and testing are not trying them for production either, having a simple patch to pass Access-Control-Allow-Origin: * when Origin header is not found from the request, will be beneficial to use the server for testing with these SDKs on browser environment.

const char* origin = req.get_header_value("Origin");

if (origin == nullptr || std::string(origin).empty()) {
    origin = "*";
}

res.set_header("Access-Control-Allow-Origin", origin);

Something like this maybe.