kenmirrors/grocy
1
0
Fork 0
mirror of https://github.com/grocy/grocy.git synced 2025-08-20 12:20:22 +00:00
Code Issues Projects Releases Wiki Activity

Also allow just all headers and request methods for CORS OPTIONS requests (references #681)

Browse Source
This commit is contained in:
Bernd Bestel
2020-04-21 21:09:49 +02:00
parent 98f2276e17
commit 53a0a2f4e1
1 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
middleware/CorsMiddleware.php
View File

@@ -13,16 +13,16 @@ class CorsMiddleware extends BaseMiddleware
{ {
$response = $handler->handle($request); $response = $handler->handle($request);
$routeContext = RouteContext::fromRequest($request); //$routeContext = RouteContext::fromRequest($request);
$routingResults = $routeContext->getRoutingResults(); //$routingResults = $routeContext->getRoutingResults();
$methods = $routingResults->getAllowedMethods(); //$methods = $routingResults->getAllowedMethods();
//$requestHeaders = $request->getHeaderLine('Access-Control-Request-Headers'); //$requestHeaders = $request->getHeaderLine('Access-Control-Request-Headers');
$response = $handler->handle($request); $response = $handler->handle($request);
$response = $response->withHeader('Access-Control-Allow-Origin', '*'); $response = $response->withHeader('Access-Control-Allow-Origin', '*');
$response = $response->withHeader('Access-Control-Allow-Methods', implode(',', $methods)); $response = $response->withHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');
$response = $response->withHeader('Access-Control-Allow-Headers', 'Content-Type,GROCY-API-KEY'); $response = $response->withHeader('Access-Control-Allow-Headers', '*');
return $response; return $response;
} }