MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

fix: re-add CORS headers on REST Response

pull/4158/head
Hannah Ward 2019-02-14 18:05:28 +00:00
parent 066eac929e
commit 3a7911eb33
No known key found for this signature in database
GPG Key ID: 6F3BAD60DE190290
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
app/Controller/Component/RestResponseComponent.php
View File

@ -423,14 +423,23 @@ class RestResponseComponent extends Component
$type = 'json';
}
$cakeResponse = new CakeResponse(array('body'=> $response, 'status' => $code, 'type' => $type));
if (Configure::read('Security.allow_cors')) {
$headers["Access-Control-Allow-Headers"] = "Origin, Content-Type, Authorization, Accept";
$headers["Access-Control-Allow-Methods"] = "*";
$headers["Access-Control-Allow-Origin"] = explode(',', Configure::read('Security.cors_origins'));
}
if (!empty($headers)) {
foreach ($headers as $key => $value) {
$cakeResponse->header($key, $value);
}
}
if ($download) {
$cakeResponse->download($download);
}
return $cakeResponse;
}