protected function validateRequest(Request $request) { $origin = $request->headers->get('Origin'); if (!$this->isOriginAllowed($origin)) { throw new HttpResponseException($this->createOriginNotAllowedResponse($request)); } }