diff options
author | Camil Staps | 2015-05-14 14:37:29 +0200 |
---|---|---|
committer | Camil Staps | 2015-05-14 14:37:29 +0200 |
commit | 37410a7ab3de8a14cc06863277f3fa81fdea6864 (patch) | |
tree | cef881a612e3e45dd97b6f231857f79460feae59 /src | |
parent | Own Model class; new namespaces Database and Controllers; RFC2822 dates (diff) |
Support array as config.allowed_origin
Diffstat (limited to 'src')
-rw-r--r-- | src/CamilStaps/BotleaguesApi/BotleaguesApiServiceProvider.php | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/src/CamilStaps/BotleaguesApi/BotleaguesApiServiceProvider.php b/src/CamilStaps/BotleaguesApi/BotleaguesApiServiceProvider.php index 3cf6e12..76167e2 100644 --- a/src/CamilStaps/BotleaguesApi/BotleaguesApiServiceProvider.php +++ b/src/CamilStaps/BotleaguesApi/BotleaguesApiServiceProvider.php @@ -1,6 +1,7 @@ <?php namespace CamilStaps\BotleaguesApi; +use \Illuminate\Support\Facades\Request; use \Illuminate\Support\ServiceProvider; use \Illuminate\Support\Facades\App; use \Illuminate\Support\Facades\Config; @@ -30,7 +31,17 @@ class BotleaguesApiServiceProvider extends ServiceProvider { include __DIR__ . '/../../routes.php'; // To allow loading API requests from the specified domain - header('Access-Control-Allow-Origin: ' . Config::get('config.allowed_origin')); + $allowed_origin = Config::get('config.allowed_origin'); + if (is_array($allowed_origin)) { + $origin = Request::header('Origin'); + if (in_array($origin, $allowed_origin)) { + header('Access-Control-Allow-Origin: ' . $origin); + } else { + header('Access-Control-Allow-Origin: ' . $allowed_origin[0]); + } + } else { + header('Access-Control-Allow-Origin: ' . $allowed_origin); + } header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE'); header('Access-Control-Allow-Headers: Authorization'); |