Deprecate the parameters for Response::cors().

The builder gives a more useful and expressive interface for setting cors options. The other parameters will be removed in 4.x
cakephp · Nov 21, 2015 · 7aa662e · 7aa662e
1 parent 719e9da
commit 7aa662e
Showing 1 changed file with 7 additions and 2 deletions.
diff --git a/src/Network/Response.php b/src/Network/Response.php
@@ -1347,22 +1347,27 @@ public function cookie($options = null)
      * cors($request, ['http://www.cakephp.org', '*.google.com', 'https://myproject.github.io']);
      * ```
      *
+     * *Note* The `$allowedDomains`, `$allowedMethods`, `$allowedHeaders` parameters are deprectated.
+     * Instead the builder object should be used.
+     *
      * @param \Cake\Network\Request $request Request object
      * @param string|array $allowedDomains List of allowed domains, see method description for more details
      * @param string|array $allowedMethods List of HTTP verbs allowed
      * @param string|array $allowedHeaders List of HTTP headers allowed
      * @return \Cake\Network\CorsBuilder A builder object the provides a fluent interface for defining
      *   additional CORS headers.
      */
-    public function cors(Request $request, $allowedDomains, $allowedMethods = [], $allowedHeaders = [])
+    public function cors(Request $request, $allowedDomains = [], $allowedMethods = [], $allowedHeaders = [])
     {
         $origin = $request->header('Origin');
         $ssl = $request->is('ssl');
         $builder = new CorsBuilder($this, $origin, $ssl);
         if (!$origin) {
             return $builder;
         }
-        $builder->allowOrigin($allowedDomains);
+        if ($allowedDomains) {
+            $builder->allowOrigin($allowedDomains);
+        }
         if ($allowedMethods) {
             $builder->allowMethods((array)$allowedMethods);
         }