/** * @param ParsedUrlInterface $requestOrigin * @param ParsedUrlInterface $serverOrigin * * @return bool * * @see http://tools.ietf.org/html/rfc6454#section-5 */ protected function isSameOrigin(ParsedUrlInterface $requestOrigin, ParsedUrlInterface $serverOrigin) { $isSameOrigin = $requestOrigin->isHostEqual($serverOrigin) === true && $requestOrigin->isPortEqual($serverOrigin) === true && $requestOrigin->isSchemeEqual($serverOrigin) === true; return $isSameOrigin; }
/** * @inheritdoc */ public function isRequestOriginAllowed(ParsedUrlInterface $requestOrigin) { // check if all origins are allowed with '*' $isAllowed = isset($this->allowedOrigins[CorsResponseHeaders::VALUE_ALLOW_ORIGIN_ALL]); if ($isAllowed === false) { $requestOriginStr = strtolower($requestOrigin->getOrigin()); $isAllowed = isset($this->allowedOrigins[$requestOriginStr]); } return $isAllowed; }
/** * @inheritdoc */ public function isPortEqual(ParsedUrlInterface $rhs) { return $this->getPort() === $rhs->getPort(); }