feat(legacy): don't guess cors url from server
This commit is contained in:
jo
Kyle Robbertze
parent
7002da8347
commit
f1270fed6f
|
|
@ -1,8 +1,5 @@
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
use League\Uri\Contracts\UriException;
|
|
||||||
use League\Uri\Uri;
|
|
||||||
|
|
||||||
class CORSHelper
|
class CORSHelper
|
||||||
{
|
{
|
||||||
public static function enableCrossOriginRequests(&$request, &$response)
|
public static function enableCrossOriginRequests(&$request, &$response)
|
||||||
|
|
@ -35,38 +32,9 @@ class CORSHelper
|
||||||
return array_merge(
|
return array_merge(
|
||||||
$config['allowedCorsOrigins'],
|
$config['allowedCorsOrigins'],
|
||||||
self::getDatabaseAllowedOrigins(),
|
self::getDatabaseAllowedOrigins(),
|
||||||
self::getServerAllowedOrigins($request),
|
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Get configured server origins.
|
|
||||||
*
|
|
||||||
* @param Request $request request object
|
|
||||||
*
|
|
||||||
* @return array
|
|
||||||
*/
|
|
||||||
private static function getServerAllowedOrigins($request)
|
|
||||||
{
|
|
||||||
$scheme = $request->getServer('REQUEST_SCHEME');
|
|
||||||
$host = $request->getServer('SERVER_NAME');
|
|
||||||
$port = intval($request->getServer('SERVER_PORT'));
|
|
||||||
|
|
||||||
try {
|
|
||||||
return [
|
|
||||||
strval(Uri::createFromComponents([
|
|
||||||
'scheme' => $scheme,
|
|
||||||
'host' => $host,
|
|
||||||
'port' => $port,
|
|
||||||
])),
|
|
||||||
];
|
|
||||||
} catch (UriException|TypeError $e) {
|
|
||||||
Logging::warn("could not parse server origin : {$e}");
|
|
||||||
|
|
||||||
return [];
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get database allowed origins.
|
* Get database allowed origins.
|
||||||
*
|
*
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue