Add a function to setup CORS access headers

This commit is contained in:
Isaac Connor 2015-12-02 10:05:03 -05:00
parent a799a1ce79
commit 3f8a45bbbb
1 changed files with 19 additions and 0 deletions

View File

@ -94,6 +94,25 @@ function noCacheHeaders()
header("Pragma: no-cache"); // HTTP/1.0
}
function CORSHeaders() {
# This just allows cross server requests with no verification. This is ok, because we do auth later.
header("Access-Control-Allow-Origin: *" );
# The following is left for future reference/use.
#$valid = false;
#header("Access-Control-Allow-Headers: x-requested-with,x-request");
#foreach( dbFetchAll( 'SELECT * FROM Servers' ) as $row ) {
#$Server = new Server( $row );
#if ( $_SERVER['HTTP_ORIGIN'] == $Server->Url() ) {
#$valid = true;
#header("Access-Control-Allow-Origin: " . $Server->Url() );
#}
#}
#if ( ! $valid ) {
#Warning( $_SERVER['HTTP_ORIGIN'] . " is not found in servers list." );
#}
}
function getAuthUser( $auth )
{
if ( ZM_OPT_USE_AUTH && ZM_AUTH_RELAY == "hashed" && !empty($auth) )