Exemple #1
0
 /**
  * Add the CORS headers to the response.
  *
  * @return void
  */
 public function addCorsHeaders()
 {
     if (isset($this->_corsConfig['origin'])) {
         Utils::header("Access-Control-Allow-Origin: " . $this->_corsConfig['origin']);
     } else {
         Utils::header("Access-Control-Allow-Origin: '*'");
     }
     if (isset($this->_corsConfig['allowCredentials'])) {
         Utils::header("Access-Control-Allow-Credentials: " . $this->_corsConfig['allowCredentials']);
     } else {
         Utils::header('Access-Control-Allow-Credentials: true');
     }
     if (isset($this->_corsConfig['maxAge'])) {
         Utils::header("Access-Control-Max-Age: " . $this->_corsConfig['maxAge']);
     } else {
         Utils::header('Access-Control-Max-Age: 86400');
         // cache for 1 day
     }
     // Access-Control headers are sent during OPTIONS requests
     if ($this->_requestMethod == 'OPTIONS') {
         if (isset($this->_corsConfig['methods'])) {
             Utils::header("Access-Control-Allow-Methods: " . $this->_corsConfig['methods']);
         } else {
             Utils::header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS');
         }
         if (isset($this->_corsConfig['allowHeaders'])) {
             Utils::header("Access-Control-Allow-Headers: " . $this->_corsConfig['allowHeaders']);
         } else {
             Utils::header('Access-Control-Allow-Headers: X-Requested-With');
         }
     }
 }