mardi 3 octobre 2017

Set AllowedOrigins based on condition

I was previously using a custom cors middleware in order to handle Allow Origin based on my environment. I had an issue with OPTIONS cors so I switched to laravel-cors library. But now I don't know how I can handle different cases just by a config file. This is my previous custom cors middleware:

public function handle($request, Closure $next)
{

    $origin = \Config::get('app.url', "https://mysite.ca");

    // Set origin for localhost developing, else just use the staging server
    if( isset( $_SERVER['HTTP_ORIGIN'] ) && $_SERVER['HTTP_ORIGIN'] === 'http://ift.tt/2xeqUZt' ) {
        $origin = 'http://ift.tt/2xeqUZt';
    }


    $response = $next($request);


    $response->headers->set('Access-Control-Allow-Origin', $origin);
    $response->headers->set('Access-Control-Expose-Headers','Authorization');
    $response->headers->set('Access-Control-Allow-Methods', 'POST, GET, OPTIONS, PUT, DELETE');
    $response->headers->set('Access-Control-Allow-Headers', 'Content-Type, Accept, Authorization, X-Requested-With, Application');
    $response->headers->set('Access-Control-Allow-Credentials','true');

    return $response;
}


via Chebli Mohamed
Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)