still trying to fix cors

author: Bernhard Posselt <nukeawhale@gmail.com> 2013-09-02 14:16:50 +0200
committer: Bernhard Posselt <nukeawhale@gmail.com> 2013-09-02 14:16:50 +0200
commit: 41e5ac53af522fec4891c7d37ae98e48cfad159a (patch)
tree: db0fae1125cf2f5d0d8747f04f589a38f7d37068 /middleware
parent: d795483ef5d3230c7841b93285e57f7996549722 (diff)
1 files changed, 8 insertions, 1 deletions
diff --git a/middleware/corsmiddleware.php b/middleware/corsmiddleware.php
index ef9fe2e5a..7bde0a891 100644
--- a/middleware/corsmiddleware.php
+++ b/middleware/corsmiddleware.php
@@ -51,8 +51,15 @@ class CORSMiddleware extends Middleware {
 	 */
 	public function afterController($controller, $methodName, Response $response){
 		$annotationReader = new MethodAnnotationReader($controller, $methodName);
+
+		if(array_key_exists('Origin', $this->request->server)) {
+			$allowed = $this->request->server['Origin'];
+		} else {
+			$allowed = '*';
+		}
+
 		if($annotationReader->hasAnnotation('API')) {
-			$response->addHeader('Access-Control-Allow-Origin', $request->server['Origin']);
+			$response->addHeader('Access-Control-Allow-Origin', $allowed);
 			$response->addHeader('Access-Control-Allow-Credentials', 'true');
 		}
 		return $response;
author	Bernhard Posselt <nukeawhale@gmail.com>	2013-09-02 14:16:50 +0200
committer	Bernhard Posselt <nukeawhale@gmail.com>	2013-09-02 14:16:50 +0200
commit	41e5ac53af522fec4891c7d37ae98e48cfad159a (patch)
tree	db0fae1125cf2f5d0d8747f04f589a38f7d37068 /middleware
parent	d795483ef5d3230c7841b93285e57f7996549722 (diff)