diff options
author | ArthurHoaro <arthur@hoa.ro> | 2018-09-20 23:34:59 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-09-20 23:34:59 +0200 |
commit | 4adeffd7f427580bba6f7656360850d4460c1f1d (patch) | |
tree | 2ef89e3edea156bb7f70b393ef1e343ea8a9680c | |
parent | a4fbe88b6d007094fa395b17802e593ecca0588b (diff) | |
parent | 5d9bc40d7e48b8ac4829f9101f85b849d9199fa3 (diff) | |
download | Shaarli-4adeffd7f427580bba6f7656360850d4460c1f1d.tar.gz Shaarli-4adeffd7f427580bba6f7656360850d4460c1f1d.tar.zst Shaarli-4adeffd7f427580bba6f7656360850d4460c1f1d.zip |
Merge pull request #1207 from ArthurHoaro/feature/cors
Add CORS headers to REST API responses
-rw-r--r-- | index.php | 8 |
1 files changed, 8 insertions, 0 deletions
@@ -1859,6 +1859,7 @@ $app->group('/api/v1', function() { | |||
1859 | })->add('\Shaarli\Api\ApiMiddleware'); | 1859 | })->add('\Shaarli\Api\ApiMiddleware'); |
1860 | 1860 | ||
1861 | $response = $app->run(true); | 1861 | $response = $app->run(true); |
1862 | |||
1862 | // Hack to make Slim and Shaarli router work together: | 1863 | // Hack to make Slim and Shaarli router work together: |
1863 | // If a Slim route isn't found and NOT API call, we call renderPage(). | 1864 | // If a Slim route isn't found and NOT API call, we call renderPage(). |
1864 | if ($response->getStatusCode() == 404 && strpos($_SERVER['REQUEST_URI'], '/api/v1') === false) { | 1865 | if ($response->getStatusCode() == 404 && strpos($_SERVER['REQUEST_URI'], '/api/v1') === false) { |
@@ -1866,5 +1867,12 @@ if ($response->getStatusCode() == 404 && strpos($_SERVER['REQUEST_URI'], '/api/v | |||
1866 | header('Content-Type: text/html; charset=utf-8'); | 1867 | header('Content-Type: text/html; charset=utf-8'); |
1867 | renderPage($conf, $pluginManager, $linkDb, $history, $sessionManager, $loginManager); | 1868 | renderPage($conf, $pluginManager, $linkDb, $history, $sessionManager, $loginManager); |
1868 | } else { | 1869 | } else { |
1870 | $response = $response | ||
1871 | ->withHeader('Access-Control-Allow-Origin', '*') | ||
1872 | ->withHeader( | ||
1873 | 'Access-Control-Allow-Headers', | ||
1874 | 'X-Requested-With, Content-Type, Accept, Origin, Authorization' | ||
1875 | ) | ||
1876 | ->withHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS'); | ||
1869 | $app->respond($response); | 1877 | $app->respond($response); |
1870 | } | 1878 | } |