summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--external/newsapi.php4
-rw-r--r--middleware/corsmiddleware.php4
2 files changed, 4 insertions, 4 deletions
diff --git a/external/newsapi.php b/external/newsapi.php
index 067334008..1121f3400 100644
--- a/external/newsapi.php
+++ b/external/newsapi.php
@@ -79,8 +79,8 @@ class NewsAPI extends Controller {
*/
public function cors() {
// needed for webapps access due to cross origin request policy
- if(isset($this->request->server['Origin'])) {
- $origin = $this->request->server['Origin'];
+ if(isset($this->request->server['HTTP_ORIGIN'])) {
+ $origin = $this->request->server['HTTP_ORIGIN'];
} else {
$origin = '*';
}
diff --git a/middleware/corsmiddleware.php b/middleware/corsmiddleware.php
index 187696de6..4fec2faa1 100644
--- a/middleware/corsmiddleware.php
+++ b/middleware/corsmiddleware.php
@@ -53,10 +53,10 @@ class CORSMiddleware extends Middleware {
$annotationReader = new MethodAnnotationReader($controller, $methodName);
// only react if its an API request and if the request sends origin
- if(isset($this->request->server['Origin']) &&
+ if(isset($this->request->server['HTTP_ORIGIN']) &&
$annotationReader->hasAnnotation('API')) {
- $origin = $this->request->server['Origin'];
+ $origin = $this->request->server['HTTP_ORIGIN'];
$response->addHeader('Access-Control-Allow-Origin', $origin);
$response->addHeader('Access-Control-Allow-Credentials', 'true');
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-20 03:19:45 +0000