mirror of
https://github.com/invoiceninja/invoiceninja.git
synced 2024-11-10 21:22:58 +01:00
f57339f185
* Working on emailing invoices * Working on emailing and displaying email * Working on emailing and displaying email * Email invoices * Fixes for html emails * Ensure valid client prior to store * Ensure client exists when storing an entity * Update variable name send -> send_email for client_contacts * Mailable download files * Extend timeouts of password protected routes when a protected route is hit * Add default portal design to company settings * Minor fixes * Fixes for Tests * Fixes for invoicing emails * Refactors for InvoiceEmail * Implement abstractservice * Refactors for services * Refactors for emails * Fixes for Invoice Emails
44 lines
1.7 KiB
PHP
44 lines
1.7 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Middleware;
|
|
|
|
use Closure;
|
|
use Illuminate\Support\Facades\Response;
|
|
use Symfony\Component\HttpFoundation\BinaryFileResponse;
|
|
|
|
class Cors
|
|
{
|
|
public function handle($request, Closure $next)
|
|
{
|
|
if ($request->getMethod() == "OPTIONS") {
|
|
header("Access-Control-Allow-Origin: *");
|
|
|
|
// ALLOW OPTIONS METHOD
|
|
$headers = [
|
|
'Access-Control-Allow-Methods'=> 'POST, GET, OPTIONS, PUT, DELETE',
|
|
'Access-Control-Allow-Headers'=> 'X-API-SECRET,X-API-TOKEN,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range'
|
|
];
|
|
|
|
return Response::make('OK', 200, $headers);
|
|
}
|
|
|
|
|
|
/* Work around for file downloads where the response cannot contain have headers set */
|
|
// if($request instanceOf BinaryFileResponse)
|
|
// return $next($request);
|
|
// else
|
|
// return $next($request)
|
|
// ->header('Access-Control-Allow-Origin', '*')
|
|
// ->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS')
|
|
// ->header('Access-Control-Allow-Headers', 'X-API-SECRET,X-API-TOKEN,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range');
|
|
|
|
$response = $next($request);
|
|
|
|
$response->headers->set('Access-Control-Allow-Origin', '*');
|
|
$response->headers->set('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');
|
|
$response->headers->set('Access-Control-Allow-Headers', 'X-API-SECRET,X-API-TOKEN,X-API-PASSWORD,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range');
|
|
|
|
return $response;
|
|
}
|
|
}
|