public function preflightRequests($allowCredentials = 'true', $allowMethods = 'GET, POST, PUT, DELETE, OPTIONS', $allowHeaders = 'Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With')
{
$httpOrigin = $this->getDI()->getRequest()->getHeader('HTTP_ORIGIN');
if (empty($httpOrigin)) {
return;
}
if ($this->isOriginIsSameAsHost()) {
return;
}
if (!$this->isHttpOriginIsInTheWhiteList()) {
throw new OriginNotAllowedException('Http Origin Is Not Allowed');
}
$this->getDI()->getResponse()->setHeader('Access-Control-Allow-Credentials', (string) $allowCredentials);
$this->getDI()->getResponse()->setHeader('Access-Control-Allow-Origin', $httpOrigin);
$this->getDI()->getResponse()->setHeader('Access-Control-Allow-Methods', $allowMethods);
$this->getDI()->getResponse()->setHeader('Access-Control-Allow-Headers', $allowHeaders);
if (strtoupper($this->getDI()->getRequest()->getMethod()) == 'OPTIONS') {
$this->getDI()->getResponse()->send();
return;
}
}