|
public addActualRequestHeaders ( |
||
| $response | ||
| $request | ||
/**
* Render an exception into an HTTP response.
*
* @param \Illuminate\Http\Request $request
* @param \Exception $e
* @return \Illuminate\Http\Response
*/
public function render($request, Exception $e)
{
if ($e instanceof ModelNotFoundException) {
$e = new NotFoundHttpException($e->getMessage(), $e);
} elseif ($e instanceof OAuthException) {
$response = response()->json(['error' => $e->errorType, 'error_description' => $e->getMessage()], $e->httpStatusCode, $e->getHttpHeaders());
return $this->corsService->addActualRequestHeaders($response, $request);
}
return parent::render($request, $e);
}
/**
* Handle an incoming request. Based on Asm89\Stack\Cors by asm89
* @see https://github.com/asm89/stack-cors/blob/master/src/Asm89/Stack/Cors.php
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if (!$this->cors->isCorsRequest($request)) {
return $next($request);
}
if (!$this->cors->isActualRequestAllowed($request)) {
abort(403);
}
/** @var \Illuminate\Http\Response $response */
$response = $next($request);
return $this->cors->addActualRequestHeaders($response, $request);
}
/**
* @test
*/
public function it_does_not_modify_request_with_origin_not_allowed()
{
$passedOptions = array('allowedOrigins' => array('notlocalhost'));
$service = new CorsService($passedOptions);
$request = $this->createValidActualRequest();
$response = new Response();
$service->addActualRequestHeaders($response, $request);
$this->assertEquals($response, new Response());
}