Mirrors/shlink
1
0
Fork 0
mirror of https://github.com/shlinkio/shlink.git synced 2026-02-28 04:03:12 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
2151b97becf7c7f75beb917793fd69803217cc1d
shlink/module/Rest/src/Middleware/CrossDomainMiddleware.php
Alejandro Celaya 2151b97bec Project migrated from zend to laminas
2020-01-01 21:13:09 +01:00

63 lines
2.2 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
namespace Shlinkio\Shlink\Rest\Middleware;
use Fig\Http\Message\RequestMethodInterface;
use Mezzio\Router\RouteResult;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Server\MiddlewareInterface;
use Psr\Http\Server\RequestHandlerInterface;
use Shlinkio\Shlink\Rest\Authentication;
use function implode;
class CrossDomainMiddleware implements MiddlewareInterface, RequestMethodInterface
{
public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
{
$response = $handler->handle($request);
if (! $request->hasHeader('Origin')) {
return $response;
}
// Add Allow-Origin header
$response = $response->withHeader('Access-Control-Allow-Origin', $request->getHeader('Origin'))
->withHeader('Access-Control-Expose-Headers', implode(', ', [
Authentication\Plugin\ApiKeyHeaderPlugin::HEADER_NAME,
]));
if ($request->getMethod() !== self::METHOD_OPTIONS) {
return $response;
}
return $this->addOptionsHeaders($request, $response);
}
private function addOptionsHeaders(ServerRequestInterface $request, ResponseInterface $response): ResponseInterface
{
/** @var RouteResult|null $matchedRoute */
$matchedRoute = $request->getAttribute(RouteResult::class);
$matchedMethods = $matchedRoute !== null ? $matchedRoute->getAllowedMethods() : [
self::METHOD_GET,
self::METHOD_POST,
self::METHOD_PUT,
self::METHOD_PATCH,
self::METHOD_DELETE,
self::METHOD_OPTIONS,
];
$corsHeaders = [
'Access-Control-Allow-Methods' => implode(',', $matchedMethods),
'Access-Control-Max-Age' => '1000',
'Access-Control-Allow-Headers' => $request->getHeaderLine('Access-Control-Request-Headers'),
];
foreach ($corsHeaders as $key => $value) {
$response = $response->withHeader($key, $value);
}
return $response;
}
}
Reference in New Issue View Git Blame Copy Permalink