v2board/app/Http/Middleware/CORS.php
2020-01-11 13:36:52 +08:00

28 lines
873 B
PHP
Executable File

<?php
namespace App\Http\Middleware;
use Closure;
class CORS
{
public function handle($request, Closure $next)
{
$origin = $request->header('origin');
if (empty($origin)) {
$referer = $request->header('referer');
if (!empty($referer) && preg_match("/^((https|http):\/\/)?([^\/]+)/i", $referer, $matches)) {
$origin = $matches[0];
}
}
$response = $next($request);
$response->header('Access-Control-Allow-Origin', trim($origin, '/'));
$response->header('Access-Control-Allow-Methods', 'GET,POST,OPTIONS');
$response->header('Access-Control-Allow-Headers', 'Content-Type,X-Requested-With');
$response->header('Access-Control-Allow-Credentials', 'true');
$response->header('Access-Control-Max-Age', 10080);
return $response;
}
}