From a070677dd9a80c9f48c9e1f5d87e63b7ba1410c7 Mon Sep 17 00:00:00 2001 From: Ruben Date: Thu, 3 Nov 2016 03:36:26 +0100 Subject: [PATCH] cors fix --- www/index.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/www/index.php b/www/index.php index f6a22f9..d24f4a7 100644 --- a/www/index.php +++ b/www/index.php @@ -21,7 +21,12 @@ if(ini_get('max_file_uploads') < 50) { throw new Exception("php directive 'max_file_uploads' should be >= 50"); } -header("Access-Control-Allow-Origin: https://emotionhero.com"); +$http_origin = $_SERVER['HTTP_ORIGIN']; +if ($http_origin == "https://emotionhero.com" || $http_origin == "http://emotionhero.com") +{ + header("Access-Control-Allow-Origin: $http_origin"); +} +// header("Access-Control-Allow-Origin: https://emotionhero.com"); header("Access-Control-Allow-Methods: POST, GET, OPTIONS"); header("Access-Control-Allow-Headers: X-PINGOTHER"); header("Access-Control-Max-Age: 1728000");