OilfieldToolsNet/shlink
4
0
Fork 0
mirror of https://github.com/shlinkio/shlink.git synced 2024-11-22 08:56:42 -06:00
Code Issues Packages Projects Releases Wiki Activity

Changed value returned in Access-Control-Allow-Origin so that it is always set to '*'

Browse Source
This commit is contained in:
Alejandro Celaya 2021-01-24 09:22:46 +01:00
parent f57303f8c0
commit 76aa6502db
3 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
module/Rest/src/Middleware/CrossDomainMiddleware.php
View File

@ -32,7 +32,7 @@ class CrossDomainMiddleware implements MiddlewareInterface, RequestMethodInterfa
}
// Add Allow-Origin header
$response = $response->withHeader('Access-Control-Allow-Origin', $request->getHeader('Origin'));
$response = $response->withHeader('Access-Control-Allow-Origin', '*');
if ($request->getMethod() !== self::METHOD_OPTIONS) {
return $response;
}

2
module/Rest/test-api/Middleware/CorsTest.php
View File

@ -35,7 +35,7 @@ class CorsTest extends ApiTestCase
]);
self::assertEquals($expectedStatusCode, $resp->getStatusCode());
self::assertEquals($origin, $resp->getHeaderLine('Access-Control-Allow-Origin'));
self::assertEquals('*', $resp->getHeaderLine('Access-Control-Allow-Origin'));
self::assertFalse($resp->hasHeader('Access-Control-Allow-Methods'));
self::assertFalse($resp->hasHeader('Access-Control-Max-Age'));
self::assertFalse($resp->hasHeader('Access-Control-Allow-Headers'));

4
module/Rest/test/Middleware/CrossDomainMiddlewareTest.php
View File

@ -61,7 +61,7 @@ class CrossDomainMiddlewareTest extends TestCase
$headers = $response->getHeaders();
self::assertEquals('local', $response->getHeaderLine('Access-Control-Allow-Origin'));
self::assertEquals('*', $response->getHeaderLine('Access-Control-Allow-Origin'));
self::assertArrayNotHasKey('Access-Control-Allow-Methods', $headers);
self::assertArrayNotHasKey('Access-Control-Max-Age', $headers);
self::assertArrayNotHasKey('Access-Control-Allow-Headers', $headers);
@ -82,7 +82,7 @@ class CrossDomainMiddlewareTest extends TestCase
$headers = $response->getHeaders();
self::assertEquals('local', $response->getHeaderLine('Access-Control-Allow-Origin'));
self::assertEquals('*', $response->getHeaderLine('Access-Control-Allow-Origin'));
self::assertArrayHasKey('Access-Control-Allow-Methods', $headers);
self::assertEquals('1000', $response->getHeaderLine('Access-Control-Max-Age'));
self::assertEquals('foo, bar, baz', $response->getHeaderLine('Access-Control-Allow-Headers'));