protected function add_cors_headers(HTTP_Response &$response) { $response->headers('Access-Control-Allow-Origin', '*'); $response->headers('Access-Control-Allow-Headers', 'Authorization, Content-type'); if (isset($this->_action_map)) { $allow_methods = implode(', ', array_keys($this->_action_map)); $this->response->headers('Allow', $allow_methods); $this->response->headers('Access-Control-Allow-Methods', $allow_methods); } return $response; }
/** * Sends headers to the php processor, or supplied `$callback` argument. * This method formats the headers correctly for output, re-instating their * capitalization for transmission. * * [!!] if you supply a custom header handler via `$callback`, it is * recommended that `$response` is returned * * @param HTTP_Response $response header to send * @param boolean $replace replace existing value * @param callback $callback optional callback to replace PHP header function * @return mixed * @since 3.2.0 */ public function send_headers(HTTP_Response $response = NULL, $replace = FALSE, $callback = NULL) { $protocol = $response->protocol(); $status = $response->status(); // Create the response header $processed_headers = array($protocol . ' ' . $status . ' ' . Response::$messages[$status]); // Get the headers array $headers = $response->headers()->getArrayCopy(); foreach ($headers as $header => $value) { if (is_array($value)) { $value = implode(', ', $value); } $processed_headers[] = Text::ucfirst($header) . ': ' . $value; } if (!isset($headers['content-type'])) { $processed_headers[] = 'Content-Type: ' . Kohana::$content_type . '; charset=' . Kohana::$charset; } if (Kohana::$expose and !isset($headers['x-powered-by'])) { $processed_headers[] = 'X-Powered-By: ' . Kohana::version(); } // Get the cookies and apply if ($cookies = $response->cookie()) { $processed_headers['Set-Cookie'] = $cookies; } if (is_callable($callback)) { // Use the callback method to set header return call_user_func($callback, $response, $processed_headers, $replace); } else { $this->_send_headers_to_php($processed_headers, $replace); return $response; } }
protected static function static_add_cors_headers(HTTP_Response &$response) { $response->headers('Access-Control-Allow-Origin', '*'); $response->headers('Access-Control-Allow-Headers', 'Authorization, Content-type'); return $response; }