/**
* @param ParsedUrlInterface $requestOrigin
* @param ParsedUrlInterface $serverOrigin
*
* @return bool
*
* @see http://tools.ietf.org/html/rfc6454#section-5
*/
protected function isSameOrigin(ParsedUrlInterface $requestOrigin, ParsedUrlInterface $serverOrigin)
{
$isSameOrigin = $requestOrigin->isHostEqual($serverOrigin) === true && $requestOrigin->isPortEqual($serverOrigin) === true && $requestOrigin->isSchemeEqual($serverOrigin) === true;
return $isSameOrigin;
}
/**
* @inheritdoc
*/
public function isRequestOriginAllowed(ParsedUrlInterface $requestOrigin)
{
// check if all origins are allowed with '*'
$isAllowed = isset($this->allowedOrigins[CorsResponseHeaders::VALUE_ALLOW_ORIGIN_ALL]);
if ($isAllowed === false) {
$requestOriginStr = strtolower($requestOrigin->getOrigin());
$isAllowed = isset($this->allowedOrigins[$requestOriginStr]);
}
return $isAllowed;
}
/**
* @inheritdoc
*/
public function isPortEqual(ParsedUrlInterface $rhs)
{
return $this->getPort() === $rhs->getPort();
}