Multiple Access-Control-Allow-Origin Headers
m-schreiber opened this issue · comments
m-schreiber commented
Hi There,
just hit a Problem - would be nice if you could implement it.
Multiple "Access-Control-Allow-Origin"-Headers are not allowed:
https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS/Errors/CORSMultipleAllowOriginNotAllowed
Instead of
foreach($allowedOrigin as $allowed_origin) { // to support multiple origins
header("Access-Control-Allow-Origin: $allowed_origin");
}
do
header("Access-Control-Allow-Origin: ".implode(", ",$allowed_origin);
Jacob Wright commented
Let me know if #116 works for you.
m-schreiber commented
yes - this should work for me - will get back if i integrate a new version of your rest-server into my project - but my workaround looks and works the same:
$server = new \Jacwright\RestServer\RestServer($config["mode"]);
$server->useCors = false;
$server->allowedOrigin = $config["allowedOrigin"];
$server->addClass(...);
header("Access-Control-Allow-Origin: ".implode(", ",$config["allowedOrigin"]));
header('Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS');
header('Access-Control-Allow-Credential: true');
header('Access-Control-Allow-Headers: X-Requested-With, content-type, access-control-allow-origin, access-control-allow-methods, access-control-allow-headers, Authorization');
if ($server->getMethod() == 'OPTIONS')
{
//Exit because of Bug in RestServer that makes it crash when not using cors
exit;
}
$server->handle();