mirror of
https://github.com/openvk/openvk
synced 2024-12-22 16:42:32 +03:00
Add Access-Control-Allow-Origin header to API
This commit is contained in:
parent
8999d6bd2f
commit
05b7061471
1 changed files with 16 additions and 2 deletions
|
@ -12,7 +12,7 @@ final class VKAPIPresenter extends OpenVKPresenter
|
|||
{
|
||||
$date = date(DATE_COOKIE);
|
||||
$params = json_encode($_REQUEST);
|
||||
$log = "[$date] $object.$method called with $params";
|
||||
$log = "[$date] $object.$method called with $params\r\n";
|
||||
file_put_contents(OPENVK_ROOT . "/VKAPI/debug.log", $log, FILE_APPEND | LOCK_EX);
|
||||
}
|
||||
|
||||
|
@ -52,6 +52,20 @@ final class VKAPIPresenter extends OpenVKPresenter
|
|||
$this->fail(100, "Required parameter '$param' missing.", $object, $method);
|
||||
}
|
||||
|
||||
function onStartup(): void
|
||||
{
|
||||
parent::onStartup();
|
||||
|
||||
# idk, but in case we will ever support non-standard HTTP credential authflow
|
||||
$origin = "*";
|
||||
if(isset($_SERVER["HTTP_REFERER"])) {
|
||||
$refOrigin = parse_url($_SERVER["HTTP_REFERER"], PHP_URL_SCHEME) . "://" . parse_url($_SERVER["HTTP_REFERER"], PHP_URL_HOST);
|
||||
if($refOrigin !== false)
|
||||
$origin = $refOrigin;
|
||||
}
|
||||
header("Access-Control-Allow-Origin: $origin");
|
||||
}
|
||||
|
||||
function renderRoute(string $object, string $method): void
|
||||
{
|
||||
$authMechanism = $this->queryParam("auth_mechanism") ?? "token";
|
||||
|
@ -151,4 +165,4 @@ final class VKAPIPresenter extends OpenVKPresenter
|
|||
header("Content-Length: $size");
|
||||
exit($payload);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue