kenmirrors/grocy
1
0
Fork 0
mirror of https://github.com/grocy/grocy.git synced 2025-04-29 17:45:39 +00:00
Code Issues Projects Releases Wiki Activity

Also allow just all headers and request methods for CORS OPTIONS requests (references #681)

Browse Source
This commit is contained in:
Bernd Bestel 2020-04-21 21:09:49 +02:00
parent 98f2276e17
commit 53a0a2f4e1
No known key found for this signature in database
GPG Key ID: 71BD34C0D4891300
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
middleware/CorsMiddleware.php
View File

@ -13,16 +13,16 @@ class CorsMiddleware extends BaseMiddleware
{
$response = $handler->handle($request);
$routeContext = RouteContext::fromRequest($request);
$routingResults = $routeContext->getRoutingResults();
$methods = $routingResults->getAllowedMethods();
//$routeContext = RouteContext::fromRequest($request);
//$routingResults = $routeContext->getRoutingResults();
//$methods = $routingResults->getAllowedMethods();
//$requestHeaders = $request->getHeaderLine('Access-Control-Request-Headers');
$response = $handler->handle($request);
$response = $response->withHeader('Access-Control-Allow-Origin', '*');
$response = $response->withHeader('Access-Control-Allow-Methods', implode(',', $methods));
$response = $response->withHeader('Access-Control-Allow-Headers', 'Content-Type,GROCY-API-KEY');
$response = $response->withHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');
$response = $response->withHeader('Access-Control-Allow-Headers', '*');
return $response;
}