summaryrefslogtreecommitdiffstats
path: root/middleware/corsmiddleware.php
diff options
context:
space:
mode:
Diffstat (limited to 'middleware/corsmiddleware.php')
-rw-r--r--middleware/corsmiddleware.php9
1 files changed, 8 insertions, 1 deletions
diff --git a/middleware/corsmiddleware.php b/middleware/corsmiddleware.php
index ef9fe2e5a..7bde0a891 100644
--- a/middleware/corsmiddleware.php
+++ b/middleware/corsmiddleware.php
@@ -51,8 +51,15 @@ class CORSMiddleware extends Middleware {
*/
public function afterController($controller, $methodName, Response $response){
$annotationReader = new MethodAnnotationReader($controller, $methodName);
+
+ if(array_key_exists('Origin', $this->request->server)) {
+ $allowed = $this->request->server['Origin'];
+ } else {
+ $allowed = '*';
+ }
+
if($annotationReader->hasAnnotation('API')) {
- $response->addHeader('Access-Control-Allow-Origin', $request->server['Origin']);
+ $response->addHeader('Access-Control-Allow-Origin', $allowed);
$response->addHeader('Access-Control-Allow-Credentials', 'true');
}
return $response;
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-20 17:30:50 +0000