قرینه از
https://github.com/matomo-org/matomo.git
synced 2025-08-21 22:47:43 +00:00
9a3ef94df6
* [Coding Style] Enable rule PSR12.Files.FileHeader * Apply CS * Replace Piwik with Matomo in file headers * Unify file headers (position, no. of lines, https links) * Rebuild dist files * Apply CS * Fix system test that relies on line numbers in a file that had the file header updated --------- Co-authored-by: Stefan Giehl <stefan@matomo.org>
58 خطوط
1.4 KiB
PHP
58 خطوط
1.4 KiB
PHP
<?php
|
|
|
|
/**
|
|
* Matomo - free/libre analytics platform
|
|
*
|
|
* @link https://matomo.org
|
|
* @license https://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later
|
|
*/
|
|
|
|
namespace Piwik\API;
|
|
|
|
use Piwik\Common;
|
|
use Piwik\Url;
|
|
|
|
class CORSHandler
|
|
{
|
|
/**
|
|
* @var array
|
|
*/
|
|
protected $domains;
|
|
|
|
public function __construct()
|
|
{
|
|
$this->domains = Url::getCorsHostsFromConfig();
|
|
}
|
|
|
|
public function handle()
|
|
{
|
|
if (empty($this->domains)) {
|
|
return;
|
|
}
|
|
|
|
Common::sendHeader('Vary: Origin');
|
|
|
|
// allow Piwik to serve data to all domains
|
|
if (in_array("*", $this->domains)) {
|
|
Common::sendHeader('Access-Control-Allow-Credentials: true');
|
|
|
|
if (!empty($_SERVER['HTTP_ORIGIN'])) {
|
|
Common::sendHeader('Access-Control-Allow-Origin: ' . $_SERVER['HTTP_ORIGIN']);
|
|
return;
|
|
}
|
|
|
|
Common::sendHeader('Access-Control-Allow-Origin: *');
|
|
return;
|
|
}
|
|
|
|
// specifically allow if it is one of the allowlisted CORS domains
|
|
if (!empty($_SERVER['HTTP_ORIGIN'])) {
|
|
$origin = $_SERVER['HTTP_ORIGIN'];
|
|
if (in_array($origin, $this->domains, true)) {
|
|
Common::sendHeader('Access-Control-Allow-Credentials: true');
|
|
Common::sendHeader('Access-Control-Allow-Origin: ' . $_SERVER['HTTP_ORIGIN']);
|
|
}
|
|
}
|
|
}
|
|
}
|