diff options
author | Bernhard Posselt <nukeawhale@gmail.com> | 2013-09-02 14:16:50 +0200 |
---|---|---|
committer | Bernhard Posselt <nukeawhale@gmail.com> | 2013-09-02 14:16:50 +0200 |
commit | 41e5ac53af522fec4891c7d37ae98e48cfad159a (patch) | |
tree | db0fae1125cf2f5d0d8747f04f589a38f7d37068 /middleware | |
parent | d795483ef5d3230c7841b93285e57f7996549722 (diff) |
still trying to fix cors
Diffstat (limited to 'middleware')
-rw-r--r-- | middleware/corsmiddleware.php | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/middleware/corsmiddleware.php b/middleware/corsmiddleware.php index ef9fe2e5a..7bde0a891 100644 --- a/middleware/corsmiddleware.php +++ b/middleware/corsmiddleware.php @@ -51,8 +51,15 @@ class CORSMiddleware extends Middleware { */ public function afterController($controller, $methodName, Response $response){ $annotationReader = new MethodAnnotationReader($controller, $methodName); + + if(array_key_exists('Origin', $this->request->server)) { + $allowed = $this->request->server['Origin']; + } else { + $allowed = '*'; + } + if($annotationReader->hasAnnotation('API')) { - $response->addHeader('Access-Control-Allow-Origin', $request->server['Origin']); + $response->addHeader('Access-Control-Allow-Origin', $allowed); $response->addHeader('Access-Control-Allow-Credentials', 'true'); } return $response; |