Changeset

3226:3b13f19652e2

mod_http_upload_external: Update share.php and share_v2.php to allow cross-domain requests
author Matthew Wild <mwild1@gmail.com>
date Tue, 14 Aug 2018 17:47:44 +0100
parents 3225:517c7f0333e3
children 3227:62c82d097017
files mod_http_upload_external/share.php mod_http_upload_external/share_v2.php
diffstat 2 files changed, 14 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/mod_http_upload_external/share.php	Mon Aug 13 03:35:42 2018 +0200
+++ b/mod_http_upload_external/share.php	Tue Aug 14 17:47:44 2018 +0100
@@ -69,6 +69,12 @@
 
 $request_method = $_SERVER['REQUEST_METHOD'];
 
+/* Set CORS headers */
+header('Access-Control-Allow-Methods: GET, PUT, OPTIONS');
+header('Access-Control-Allow-Headers: Content-Type');
+header('Access-Control-Max-Age: 7200');
+header('Access-Control-Allow-Origin: *');
+
 if(array_key_exists('v', $_GET) === TRUE && $request_method === 'PUT') {
 	$upload_file_size = $_SERVER['CONTENT_LENGTH'];
 	$upload_token = $_GET['v'];
@@ -122,6 +128,7 @@
 	} else {
 		header('HTTP/1.0 404 Not Found');
 	}
+} else if($request_method === 'OPTIONS') {
 } else {
 	header('HTTP/1.0 400 Bad Request');
 }
--- a/mod_http_upload_external/share_v2.php	Mon Aug 13 03:35:42 2018 +0200
+++ b/mod_http_upload_external/share_v2.php	Tue Aug 14 17:47:44 2018 +0100
@@ -70,6 +70,12 @@
 
 $request_method = $_SERVER['REQUEST_METHOD'];
 
+/* Set CORS headers */
+header('Access-Control-Allow-Methods: GET, PUT, OPTIONS');
+header('Access-Control-Allow-Headers: Content-Type');
+header('Access-Control-Max-Age: 7200');
+header('Access-Control-Allow-Origin: *');
+
 if(array_key_exists('v2', $_GET) === TRUE && $request_method === 'PUT') {
 	error_log(var_export($_SERVER, TRUE));
 	$upload_file_size = $_SERVER['CONTENT_LENGTH'];
@@ -141,6 +147,7 @@
 	} else {
 		header('HTTP/1.0 404 Not Found');
 	}
+} else if($request_method === 'OPTIONS') {
 } else {
 	header('HTTP/1.0 400 Bad Request');
 }