/**
* Create a preflight response by adding the corresponding headers
*
* @param HttpRequest $request
* @return HttpResponse
*/
public function createPreflightCorsResponse(HttpRequest $request)
{
$response = new HttpResponse();
$response->setStatusCode(200);
$headers = $response->getHeaders();
$headers->addHeaderLine('Access-Control-Allow-Origin', $this->getAllowedOriginValue($request));
$headers->addHeaderLine('Access-Control-Allow-Methods', implode(', ', $this->options->getAllowedMethods()));
$headers->addHeaderLine('Access-Control-Allow-Headers', implode(', ', $this->options->getAllowedHeaders()));
$headers->addHeaderLine('Access-Control-Max-Age', $this->options->getMaxAge());
$headers->addHeaderLine('Content-Length', 0);
if ($this->options->getAllowedCredentials()) {
$headers->addHeaderLine('Access-Control-Allow-Credentials', 'true');
}
return $response;
}
public function testCanModifyOptions()
{
$options = new CorsOptions();
$options->setAllowedOrigins(array('http://example1.com', 'http://example2.com'));
$this->assertEquals(array('http://example1.com', 'http://example2.com'), $options->getAllowedOrigins());
$options->setAllowedMethods(array('POST', 'GET'));
$this->assertEquals(array('POST', 'GET'), $options->getAllowedMethods());
$options->setAllowedHeaders(array('Content-Type'));
$this->assertEquals(array('Content-Type'), $options->getAllowedHeaders());
$options->setMaxAge(30);
$this->assertEquals(30, $options->getMaxAge());
$options->setExposedHeaders(array('Location', 'X-Custom-Header'));
$this->assertEquals(array('Location', 'X-Custom-Header'), $options->getExposedHeaders());
$options->setAllowedCredentials(true);
$this->assertTrue($options->getAllowedCredentials());
}