protected function validatePreflightRequest(Request $request)
{
$origin = $request->headers->get('Origin');
if (!$this->isOriginAllowed($origin)) {
throw new HttpResponseException($this->createOriginNotAllowedResponse($request));
}
$method = $request->headers->get('Access-Control-Request-Method');
if ($method && !$this->isMethodAllowed($method)) {
throw new HttpResponseException($this->createMethodNotAllowedResponse($request));
}
if (!$this->isAllHeadersAllowed()) {
$headers = $request->headers->get('Access-Control-Request-Headers');
if (is_string($headers)) {
foreach (explode(', ', $headers) as $header) {
if (!$this->isHeaderAllowed($header)) {
throw new HttpResponseException($this->createHeaderNotAllowedResponse($request));
}
}
}
}
}
