Answers for "php cors multiple headers"

PHP
2

php cors multiple headers

// enter the origins you want allowed for cors to work
$_SESSION['allowed_origins'] = array('*', "site1.com", "site2.com");

// use this function to cycle through the list and enter these dynamically
function setAllowedHeadersAPI($array) {
    foreach ($_SESSION['allowed_origins'] as $origin) {
        header("Access-Control-Allow-Origin: $origin");
        header("Access-Control-Allow-Headers: $origin");
    }
}

// call function and pass the array through it
setAllowedHeadersAPI($_SESSION['allowed_origins']);
Posted by: Guest on August-24-2021
2

php how to set multiple headers for cors

// enter the origins you want allowed for cors to work
$_SESSION['allowed_origins'] = array('*', "site1.com", "site2.com");

// use this function to cycle through the list 
// and enter these dynamically
function setAllowedHeadersAPI($array) {
    foreach ($_SESSION['allowed_origins'] as $origin) {
        header("Access-Control-Allow-Origin: $origin");
        header("Access-Control-Allow-Headers: $origin");
    }
}

// call function and pass the array through it
setAllowedHeadersAPI($_SESSION['allowed_origins']);
Posted by: Guest on August-24-2021
0

php cors header multiple domains

//Function to be called first in php file.
function CORS_HEADERS_HANDLER(){
  if (isset($_SERVER['HTTP_ORIGIN'])){
    switch($_SERVER['HTTP_ORIGIN']){
        //Handle an IP address and Port
      case 'http://1.2.3.4:4200':
        header('Access-Control-Allow-Origin: http://1.2.3.4:4200');
        break;
        //Handle an Website Domain (using https)
      case 'https://www.someSite.com':
        header('Access-Control-Allow-Origin: https://www.someSite.com');
        break;
        //Handle an Website Domain (using http)
      case 'http://www.someSite.com':
        header('Access-Control-Allow-Origin: http://www.someSite.com');
        break;
        //Catch if someone's site is actually the reject being cheeky
      case 'https://not.you':
        header('Access-Control-Allow-Origin: https://nice.try');
        break;
        //Handle a rejection passing something that is not the request origin.
      default:
        header('Access-Control-Allow-Origin: https://not.you');
        break;
    }
  }else{
    header('Access-Control-Allow-Origin: https://not.you');
  }
  header('Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS');
  header('Access-Control-Allow-Headers: Origin, Content-Type, X-Auth-Token');
  header('Access-Control-Allow-Credentials: true');
  header('Content-Type: application/json; charset=utf-8');
  header("Cache-Control: public,max-age=3600");
  //if its an options request you don't need to proceed past CORS request.
  if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
    die();
  }
}
Posted by: Guest on January-23-2020

Browse Popular Code Answers by Language