voronoy · July 31, 2014 10:25 · gildonei · Jun 11, 2019
diff --git a/Lib\Routing\Filter\ApiCorsDispatcher.php b/Lib\Routing\Filter\ApiCorsDispatcher.php
 <?php

 App::uses('DispatcherFilter', 'Routing');

 /**
 * Api Cors Dispatcher
 */
 class ApiCorsDispatcher extends DispatcherFilter {

 	public $priority = 1;

 	public function beforeDispatch(CakeEvent $event) {
 		$request	 = $event->data['request'];
 		$response	 = $event->data['response'];
 		$origin		 = filter_has_var(INPUT_SERVER, 'HTTP_ORIGIN') ? filter_input(INPUT_SERVER, 'HTTP_ORIGIN') : '*';
 		$response->header('Access-Control-Allow-Origin', $origin);
 		$response->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');
 		if (filter_has_var(INPUT_SERVER, 'HTTP_ACCESS_CONTROL_REQUEST_HEADERS')) {
 			$response->header('Access-Control-Allow-Headers', filter_input(INPUT_SERVER, 'HTTP_ACCESS_CONTROL_REQUEST_HEADERS'));
 		}
 		if ($request->is('OPTIONS')) {
 			$event->stopPropagation();
 			return $response;
 		}
 	}

 }
	<?php

	App::uses('DispatcherFilter', 'Routing');

	/**
	* Api Cors Dispatcher
	*/
	class ApiCorsDispatcher extends DispatcherFilter {

	public $priority = 1;

	public function beforeDispatch(CakeEvent $event) {
	$request = $event->data['request'];
	$response = $event->data['response'];
	$origin = filter_has_var(INPUT_SERVER, 'HTTP_ORIGIN') ? filter_input(INPUT_SERVER, 'HTTP_ORIGIN') : '*';
	$response->header('Access-Control-Allow-Origin', $origin);
	$response->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');
	if (filter_has_var(INPUT_SERVER, 'HTTP_ACCESS_CONTROL_REQUEST_HEADERS')) {
	$response->header('Access-Control-Allow-Headers', filter_input(INPUT_SERVER, 'HTTP_ACCESS_CONTROL_REQUEST_HEADERS'));
	}
	if ($request->is('OPTIONS')) {
	$event->stopPropagation();
	return $response;
	}
	}

	}