Fixed cors
This commit is contained in:
Frank Schubert
@@ -33,10 +33,7 @@ class AddressdbApicontroller extends mfBaseApicontroller {
|
||||
$this->filter_salescluster_ids[] = $campain_scluster->salescluster_id;
|
||||
}
|
||||
|
||||
if(!array_key_exists($campain_scluster->salescluster_id, $this->campaigns_by_scluster)) {
|
||||
$this->campaigns_by_scluster[$campain_scluster->salescluster_id] = [];
|
||||
}
|
||||
$this->campaigns_by_scluster[$campain_scluster->salescluster_id][] = $campaign->id;
|
||||
$this->campaigns_by_scluster[$campain_scluster->salescluster_id] = $campaign->id;
|
||||
|
||||
}
|
||||
$this->campaigns[$campaign->id] = $campaign;
|
||||
|
||||
@@ -42,21 +42,24 @@ class mfBaseApicontroller {
|
||||
$this->logRequest2();
|
||||
|
||||
register_shutdown_function(["mfBaseApicontroller", "return_errors"]);
|
||||
|
||||
// CORS preflight
|
||||
// allow all origins
|
||||
if($this->http_method == "OPTIONS") {
|
||||
// dont execute route, OPTIONS only requires CORS headers
|
||||
if(preg_match('#^(https?)://(.+)(:\d+)?$#i', $this->headers['origin'], $m)) {
|
||||
$origin_proto = $m[1];
|
||||
$origin_hostname = $m[2];
|
||||
header("Access-Control-Allow-Origin: ".$origin_proto."://".$origin_hostname);
|
||||
$this->return(mfResponse::Ok());
|
||||
}
|
||||
}
|
||||
|
||||
// run Controllers init() function
|
||||
if(method_exists($this,"init")) {
|
||||
$this->init();
|
||||
}
|
||||
|
||||
// Apicontroller should add allowed hostnames with $this->addAllowedOrigin()
|
||||
$this->createCorsHeaders();
|
||||
|
||||
// CORS preflight OPTIONS
|
||||
if($this->http_method == "OPTIONS") {
|
||||
// dont execute route, OPTIONS only requires CORS headers
|
||||
$this->return(mfResponse::Ok());
|
||||
}
|
||||
|
||||
if($this->requireAuth) {
|
||||
$this->authenticateUser();
|
||||
if(method_exists($this,"authenticated")) {
|
||||
@@ -64,7 +67,8 @@ class mfBaseApicontroller {
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
// Apicontroller should add allowed hostnames with $this->addAllowedOrigin()
|
||||
$this->createCorsHeaders();
|
||||
|
||||
// route to action
|
||||
$this->route = $params['apicall'].((array_key_exists("apiparams", $params)) ? $params['apiparams'] : "");
|
||||
@@ -305,7 +309,7 @@ class mfBaseApicontroller {
|
||||
private function createCorsHeaders() {
|
||||
header("Access-Control-Allow-Methods: GET,POST,OPTIONS");
|
||||
header("Access-Control-Allow-Headers: X-Api-Key");
|
||||
//var_dump($this->headers);exit;
|
||||
|
||||
if(!is_array($this->allowed_origins) || !count($this->allowed_origins)) {
|
||||
return true;
|
||||
}
|
||||
@@ -323,7 +327,6 @@ class mfBaseApicontroller {
|
||||
$request_origin['hostname'] = $m[2];
|
||||
}
|
||||
|
||||
//var_dump($request_origin);exit;
|
||||
|
||||
foreach($this->allowed_origins as $origin) {
|
||||
//echo $origin." -> ".$_SERVER["HTTP_HOST"];
|
||||
|
||||
Reference in New Issue
Block a user