mirror of
https://github.com/invoiceninja/invoiceninja.git
synced 2024-09-21 00:41:34 +02:00
b3262b00b7
* fix regression in company name * HasOneThrough for company user * Validation rules for contact email addresses * Force a blank contact if no contacts passed in client * Fixes for COR * Fixes for COR * Fixes for CORS
37 lines
970 B
PHP
37 lines
970 B
PHP
<?php
|
|
|
|
namespace App\Http\Middleware;
|
|
|
|
use Closure;
|
|
use Illuminate\Support\Facades\Response;
|
|
|
|
|
|
class Cors
|
|
{
|
|
|
|
public function handle($request, Closure $next)
|
|
{
|
|
|
|
if($request->getMethod() == "OPTIONS") {
|
|
header("Access-Control-Allow-Origin: *");
|
|
|
|
// ALLOW OPTIONS METHOD
|
|
$headers = [
|
|
'Access-Control-Allow-Methods'=> 'POST, GET, OPTIONS, PUT, DELETE',
|
|
'Access-Control-Allow-Headers'=> 'X-API-SECRET,X-API-TOKEN,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range'
|
|
];
|
|
|
|
return Response::make('OK', 200, $headers);
|
|
|
|
}
|
|
|
|
|
|
|
|
return $next($request)
|
|
->header('Access-Control-Allow-Origin', '*')
|
|
->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS')
|
|
->header('Access-Control-Allow-Headers', 'X-API-SECRET,X-API-TOKEN,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range');
|
|
|
|
}
|
|
|
|
} |