Mirrors/shlink
1
0
Fork 0
mirror of https://github.com/shlinkio/shlink.git synced 2026-03-09 16:53:11 +08:00
Code Issues Packages Projects Releases Wiki Activity

Add new CORS configuration options

Browse Source
This commit is contained in:
Alejandro Celaya
2025-07-05 10:34:50 +02:00
parent c8e3b3df0a
commit 92d7a44cee
7 changed files with 74 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
module/Rest/src/Middleware/CrossDomainMiddleware.php
View File

@@ -10,12 +10,13 @@ use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Server\MiddlewareInterface;
use Psr\Http\Server\RequestHandlerInterface;
use Shlinkio\Shlink\Core\Config\Options\CorsOptions;
use function implode;
class CrossDomainMiddleware implements MiddlewareInterface, RequestMethodInterface
readonly class CrossDomainMiddleware implements MiddlewareInterface, RequestMethodInterface
{
public function __construct(private array $config)
public function __construct(private CorsOptions $options)
{
}
@@ -27,7 +28,7 @@ class CrossDomainMiddleware implements MiddlewareInterface, RequestMethodInterfa
}
// Add Allow-Origin header
$response = $response->withHeader('Access-Control-Allow-Origin', '*');
$response = $this->options->responseWithAllowOrigin($request, $response);
if ($request->getMethod() !== self::METHOD_OPTIONS) {
return $response;
}
@@ -40,7 +41,7 @@ class CrossDomainMiddleware implements MiddlewareInterface, RequestMethodInterfa
$corsHeaders = [
'Access-Control-Allow-Methods' => $this->resolveCorsAllowedMethods($response),
'Access-Control-Allow-Headers' => $request->getHeaderLine('Access-Control-Request-Headers'),
'Access-Control-Max-Age' => $this->config['max_age'],
'Access-Control-Max-Age' => $this->options->maxAge,
];
// Options requests should always be empty and have a 204 status code