yii\filters\Cors::prepareAllowHeaders PHP Method

Cors Class Documentation Show file Open project: yiisoft/yii2

prepareAllowHeaders() protected method

Handle classic CORS request to avoid duplicate code

protected prepareAllowHeaders ( string $type, array $requestHeaders, array &$responseHeaders )
$type	string	the kind of headers we would handle
$requestHeaders	array	CORS headers request by client
$responseHeaders	array	CORS response headers sent to the client

    protected function prepareAllowHeaders($type, $requestHeaders, &$responseHeaders)
    {
        $requestHeaderField = 'Access-Control-Request-' . $type;
        $responseHeaderField = 'Access-Control-Allow-' . $type;
        if (!isset($requestHeaders[$requestHeaderField], $this->cors[$requestHeaderField])) {
            return;
        }
        if (in_array('*', $this->cors[$requestHeaderField])) {
            $responseHeaders[$responseHeaderField] = $this->headerize($requestHeaders[$requestHeaderField]);
        } else {
            $requestedData = preg_split("/[\\s,]+/", $requestHeaders[$requestHeaderField], -1, PREG_SPLIT_NO_EMPTY);
            $acceptedData = array_uintersect($requestedData, $this->cors[$requestHeaderField], 'strcasecmp');
            if (!empty($acceptedData)) {
                $responseHeaders[$responseHeaderField] = implode(', ', $acceptedData);
            }
        }
    }

Cors

addCorsHeaders

beforeAction

extractHeaders

headerize

headerizeToPhp

overrideDefaultSettings

prepareAllowHeaders

prepareHeaders