From 683364f70b9935f1391e0947cc2ca807075cc110 Mon Sep 17 00:00:00 2001
From: Frank Schubert <fronk@fronk.at>
Date: Thu, 1 Dec 2022 14:28:31 +0100
Subject: [PATCH] fixed cors check

---
 lib/mvcfronk/mfBase/mfBaseApicontroller.php | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/lib/mvcfronk/mfBase/mfBaseApicontroller.php b/lib/mvcfronk/mfBase/mfBaseApicontroller.php
index 1430d1867..996519dba 100644
--- a/lib/mvcfronk/mfBase/mfBaseApicontroller.php
+++ b/lib/mvcfronk/mfBase/mfBaseApicontroller.php
@@ -50,6 +50,8 @@ class mfBaseApicontroller {
       header("Access-Control-Allow-Methods: GET,POST,OPTIONS");
       header("Access-Control-Allow-Headers: X-Api-Key");
       
+      $this->log->debug("origin header: ".$this->headers['origin']);
+      
       if(preg_match('#^(https?)://(.+)(:\d+)?$#i', $this->headers['origin'], $m)) {
         $origin_proto = $m[1];
         $origin_hostname = $m[2];
@@ -325,7 +327,7 @@ class mfBaseApicontroller {
     
     $request_origin = ["proto" => false, "hostname" => ""];
     $m = [];
-    if(preg_match('#^(https?)://(.+)(:\d+)?$#i', $this->headers['origin'], $m)) {
+    if(preg_match('#^(https?)://(.+)(:\d+)?/?$#i', $this->headers['origin'], $m)) {
       $request_origin['proto'] = $m[1];
       $request_origin['hostname'] = $m[2];
     }
@@ -337,7 +339,7 @@ class mfBaseApicontroller {
       $hostname = $origin;
       
       $m = [];
-      if(preg_match('#^(https?)://(.+)$#i', $origin, $m)) {
+      if(preg_match('#^(https?)://(.+)/?$#i', $origin, $m)) {
         $proto = $m[1];
         $hostname = $m[2];
       }