From 536c0121f84ba74102055477e5df5d133fc5a20d Mon Sep 17 00:00:00 2001 From: Lung Date: Sun, 19 May 2024 13:25:44 +0200 Subject: [PATCH] added CORS header for specific routes --- src/Application/Route.php | 3 +++ .../AddCorsHeaderForAppDomainsMiddleware.php | 21 +++++++++++++++++++ 2 files changed, 24 insertions(+) create mode 100644 src/Middleware/AddCorsHeaderForAppDomainsMiddleware.php diff --git a/src/Application/Route.php b/src/Application/Route.php index 1006a592..df481e5f 100755 --- a/src/Application/Route.php +++ b/src/Application/Route.php @@ -8,6 +8,7 @@ use kissj\Entry\EntryController; use kissj\Event\EventController; use kissj\Export\ExportController; +use kissj\Middleware\AddCorsHeaderForAppDomainsMiddleware; use kissj\Middleware\AdminPaymentsOnlyMiddleware; use kissj\Middleware\AdminsOnlyMiddleware; use kissj\Middleware\ApiAuthorizedOnlyMiddleware; @@ -309,10 +310,12 @@ public function addRoutesInto(App $app): App $app->post('/participant/{participantId}', EntryController::class . '::entryParticipantFromWebApp') ->add(ApiAuthorizedOnlyMiddleware::class) + ->add(AddCorsHeaderForAppDomainsMiddleware::class) ->setName('entry-participant-from-web-app'); $app->post('/troop/{participantId}', EntryController::class . '::entryTroopFromWebApp') ->add(ApiAuthorizedOnlyMiddleware::class) + ->add(AddCorsHeaderForAppDomainsMiddleware::class) ->setName('entry-troop-from-web-app'); }); diff --git a/src/Middleware/AddCorsHeaderForAppDomainsMiddleware.php b/src/Middleware/AddCorsHeaderForAppDomainsMiddleware.php new file mode 100644 index 00000000..e9bc0b6e --- /dev/null +++ b/src/Middleware/AddCorsHeaderForAppDomainsMiddleware.php @@ -0,0 +1,21 @@ +handle($request); + $response = $response->withAddedHeader('Access-Control-Allow-Origin', 'https://kissj.skauting.net'); + + return $response; + } +}