mirror of
				https://github.com/invoiceninja/invoiceninja.git
				synced 2025-10-26 18:32:53 -04:00 
			
		
		
		
	Shift automatically applies the Laravel coding style - which uses the PSR-2 coding style as a base with some minor additions. You may customize the code style applied by adding a [PHP CS Fixer][1] or [PHP CodeSniffer][2] ruleset to your project root. Feel free to use [Shift's Laravel ruleset][3] to help you get started. For more information on customizing the code style applied by Shift, [watch this short video][4]. [1]: https://github.com/FriendsOfPHP/PHP-CS-Fixer [2]: https://github.com/squizlabs/PHP_CodeSniffer [3]: https://gist.github.com/laravel-shift/cab527923ed2a109dda047b97d53c200 [4]: https://laravelshift.com/videos/shift-code-style
		
			
				
	
	
		
			37 lines
		
	
	
		
			1.6 KiB
		
	
	
	
		
			PHP
		
	
	
	
	
	
			
		
		
	
	
			37 lines
		
	
	
		
			1.6 KiB
		
	
	
	
		
			PHP
		
	
	
	
	
	
| <?php
 | |
| 
 | |
| namespace App\Http\Middleware;
 | |
| 
 | |
| use Closure;
 | |
| use Illuminate\Support\Facades\Response;
 | |
| use Symfony\Component\HttpFoundation\BinaryFileResponse;
 | |
| 
 | |
| class Cors
 | |
| {
 | |
|     public function handle($request, Closure $next)
 | |
|     {
 | |
|         if ($request->getMethod() == 'OPTIONS') {
 | |
|             header('Access-Control-Allow-Origin: *');
 | |
| 
 | |
|             // ALLOW OPTIONS METHOD
 | |
|             $headers = [
 | |
|                 'Access-Control-Allow-Methods'=> 'POST, GET, OPTIONS, PUT, DELETE',
 | |
|                 'Access-Control-Allow-Headers'=> 'X-API-PASSWORD-BASE64,X-API-COMPANY-KEY,X-CLIENT-VERSION,X-API-SECRET,X-API-TOKEN,X-API-PASSWORD,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-CSRF-TOKEN,X-XSRF-TOKEN,X-LIVEWIRE',
 | |
|             ];
 | |
| 
 | |
|             return Response::make('OK', 200, $headers);
 | |
|         }
 | |
| 
 | |
|         $response = $next($request);
 | |
| 
 | |
|         $response->headers->set('Access-Control-Allow-Origin', '*');
 | |
|         $response->headers->set('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');
 | |
|         $response->headers->set('Access-Control-Allow-Headers', 'X-API-PASSWORD-BASE64,X-API-COMPANY-KEY,X-API-SECRET,X-API-TOKEN,X-API-PASSWORD,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-CSRF-TOKEN,X-XSRF-TOKEN,X-LIVEWIRE');
 | |
|         $response->headers->set('Access-Control-Expose-Headers', 'X-APP-VERSION,X-MINIMUM-CLIENT-VERSION');
 | |
|         $response->headers->set('X-APP-VERSION', config('ninja.app_version'));
 | |
|         $response->headers->set('X-MINIMUM-CLIENT-VERSION', config('ninja.minimum_client_version'));
 | |
| 
 | |
|         return $response;
 | |
|     }
 | |
| }
 |