Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add CORS Policy to /api and Log.php endpoints #603

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Add CORS Policy to /api and Log.php endpoints #603

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
3 changes: 3 additions & 0 deletions api/index.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@

include_once('../owa_env.php');
require_once(OWA_BASE_DIR.'/owa_php.php');
require_once(OWA_BASE_DIR.'/owa_lib.php');

/**
* REST API
Expand All @@ -31,6 +32,8 @@
// define entry point cnstant
define('OWA_RESTAPI', true);

owa_lib::addCorsHeaders();

// invoke OWA
$owa = new owa_php;
$owa->setSetting('base', 'request_mode', 'rest_api');
Expand Down
28 changes: 13 additions & 15 deletions log.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,9 +50,10 @@
// removing any content encoding like gzip etc.
header('Content-encoding: none', true);

owa_lib::addCorsHeaders();

//check to se if request is a POST
if ($_SERVER['REQUEST_METHOD'] === 'POST') {

// redirect to blank.php
owa_lib::redirectBrowser( str_replace('log.php', 'blank.php', owa_lib::get_current_url() ) );
// necessary or else buffer is not actually flushed
Expand Down Expand Up @@ -81,28 +82,25 @@
// Create instance of OWA
require_once(OWA_BASE_DIR.'/owa.php');
$config = array(

'tracking_mode' => true
);

$owa = new owa( $config );

// check to see if this endpoint is enabled.
if ( $owa->isEndpointEnabled( basename( __FILE__ ) ) ) {

$owa->e->debug('Logging new tracking event...');

$service = owa_coreAPI::serviceSingleton();
$service->request->decodeRequestParams();
$event = owa_coreAPI::supportClassFactory('base', 'event');
$event->setEventType(owa_coreAPI::getRequestParam('event_type'));
$event->setProperties($service->request->getAllOwaParams());

owa_coreAPI::logEvent($event->getEventType(), $event);

} else {
if (!$owa->isEndpointEnabled( basename( __FILE__ ) ) ) {
// unload owa
$owa->restInPeace();
}

$owa->e->debug('Logging new tracking event...');

$service = owa_coreAPI::serviceSingleton();
$service->request->decodeRequestParams();
$event = owa_coreAPI::supportClassFactory('base', 'event');
$event->setEventType(owa_coreAPI::getRequestParam('event_type'));
$event->setProperties($service->request->getAllOwaParams());

owa_coreAPI::logEvent($event->getEventType(), $event);

?>
20 changes: 20 additions & 0 deletions owa_lib.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -568,6 +568,26 @@ public static function redirectBrowser($url) {
header ('HTTP/1.0 302 Found');
}

public static function addCorsHeaders()
{
// Loop through sites and add cors headers
if (!isset($_SERVER['HTTP_ORIGIN']) || $_SERVER['HTTP_ORIGIN'] == '') {
return;
}

foreach (owa_coreAPI::getSitesList() as $allowedOrigin) {
if ($allowedOrigin !== $_SERVER['HTTP_ORIGIN']) {
continue;
}

header('Access-Control-Allow-Origin: ' . $_SERVER['HTTP_ORIGIN']);
header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE, METHOD');
header('Access-Control-Max-Age: 1000');
header('Access-Control-Allow-Headers: Content-Type');
break;
}
}

public static function makeLinkQueryString($query_params) {

$new_query_params = array();
Expand Down