17 lines
552 B
PHP
17 lines
552 B
PHP
<?php
|
|
// app/helpers/cors.php
|
|
function cors_allow() {
|
|
$allowed = cfg('allowed_origins', []);
|
|
$origin = $_SERVER['HTTP_ORIGIN'] ?? '';
|
|
if ($origin && in_array($origin, $allowed, true)) {
|
|
header("Access-Control-Allow-Origin: {$origin}");
|
|
header("Vary: Origin");
|
|
}
|
|
header("Access-Control-Allow-Headers: Content-Type, X-Account-Id, X-License-Key, X-Dewemoji-Frontend, X-Dewemoji-Plan");
|
|
header("Access-Control-Allow-Methods: GET, POST, OPTIONS");
|
|
}
|
|
function cors_preflight() {
|
|
cors_allow();
|
|
http_response_code(204);
|
|
}
|
|
cors_allow(); |