Permalink
Browse files

Added domain flexibility to Access-Control-Allow-Origin header

  • Loading branch information...
1 parent f590a0e commit 2688d06830f79ba66522618120efa77beae7d49f @predominant predominant committed Mar 5, 2012
Showing with 6 additions and 0 deletions.
  1. +6 −0 Controller/SearchController.php
@@ -7,6 +7,12 @@ class SearchController extends AppController {
* Search the elastic search index.
*/
public function search() {
+ foreach (Configure::read('AccessControlAllowOrigin') as $domain) {
+ if (strpos($this->request->referer(), $domain) === 0) {
+ $this->response->header(array('Access-Control-Allow-Origin', $domain));
+ break;
+ }
+ }
if (empty($this->request->query['lang'])) {
throw new BadRequestException();
}

0 comments on commit 2688d06

Please sign in to comment.