fix: CORS
davvalent commited on 2023-04-03 04:16:48
Showing 2 changed files, with 21 additions and 5 deletions.
- data.php d4247a9..f0ea789
- endpoint.php 8109764..d685051
| ... | ... |
@@ -57,12 +57,22 @@ |
| 57 | 57 |
|
| 58 | 58 |
/** Handling CORS */ |
| 59 | 59 |
$request_headers = getallheaders(); |
| 60 |
- $local_host_referer = (str_contains($request_headers['Referer'], "localhost")) |
|
| 61 |
- ? "http://localhost" |
|
| 62 |
- : "http://127.0.0.1"; |
|
| 63 |
- header('Access-Control-Allow-Origin: ' . $local_host_referer);
|
|
| 60 |
+ if (isset($request_headers['Origin'])) {
|
|
| 64 | 61 |
|
| 65 |
- /** Access to Accept header value */ |
|
| 62 |
+ $origin = $request_headers['Origin']; |
|
| 63 |
+ |
|
| 64 |
+ $dev = (str_contains($origin, 'localhost') || str_contains($origin, '127.0.0.1')) |
|
| 65 |
+ ? true |
|
| 66 |
+ : false; |
|
| 67 |
+ |
|
| 68 |
+ $host_origin = ($dev) |
|
| 69 |
+ ? $request_headers['Origin'] |
|
| 70 |
+ : "https://ntnlv.ca"; |
|
| 71 |
+ |
|
| 72 |
+ header('Access-Control-Allow-Origin: ' . $host_origin);
|
|
| 73 |
+ } |
|
| 74 |
+ |
|
| 75 |
+ /** Access to "Accept header" value */ |
|
| 66 | 76 |
$accept_header = $request_headers['Accept']; |
| 67 | 77 |
|
| 68 | 78 |
$config = array( |
| ... | ... |
@@ -30,14 +30,20 @@ |
| 30 | 30 |
|
| 31 | 31 |
/** Handling CORS */ |
| 32 | 32 |
$request_headers = getallheaders(); |
| 33 |
+ if (isset($request_headers['Origin'])) {
|
|
| 34 |
+ |
|
| 33 | 35 |
$origin = $request_headers['Origin']; |
| 36 |
+ |
|
| 34 | 37 |
$dev = (str_contains($origin, 'localhost') || str_contains($origin, '127.0.0.1')) |
| 35 | 38 |
? true |
| 36 | 39 |
: false; |
| 40 |
+ |
|
| 37 | 41 |
$host_origin = ($dev) |
| 38 | 42 |
? $request_headers['Origin'] |
| 39 | 43 |
: "https://ntnlv.ca"; |
| 44 |
+ |
|
| 40 | 45 |
header('Access-Control-Allow-Origin: ' . $host_origin);
|
| 46 |
+ } |
|
| 41 | 47 |
|
| 42 | 48 |
$ep = ARC2::getStoreEndpoint($config); |
| 43 | 49 |
|
| 44 | 50 |