diff --git a/www-api/app/Controllers/WrenchApi.php b/www-api/app/Controllers/WrenchApi.php index 26b2d746..df77a0d6 100644 --- a/www-api/app/Controllers/WrenchApi.php +++ b/www-api/app/Controllers/WrenchApi.php @@ -253,26 +253,6 @@ class WrenchApi extends BaseController return $in; } public function apigate(){ - - if (array_key_exists('HTTP_ORIGIN', $_SERVER)) { - $origin = $_SERVER['HTTP_ORIGIN']; - } else if (array_key_exists('HTTP_REFERER', $_SERVER)) { - $origin = $_SERVER['HTTP_REFERER']; - } else { - $origin = $_SERVER['REMOTE_ADDR']; - } - $allowed_domains = array( - 'http://localhost:9082/', - 'https://users.wrenchboard.com/', - ); - - - if (in_array($origin, $allowed_domains)) { - header('Access-Control-Allow-Origin: ' . $origin); - } - -/* - //$request = service('request'); header('Access-Control-Allow-Origin: *'); //header("Access-Control-Allow-Origin: http://localhost:9057 "); header('Access-Control-Expose-Headers: Access-Control-Allow-Origin'); @@ -280,7 +260,7 @@ class WrenchApi extends BaseController //header("Access-Control-Allow-Headers: Cache-Control, Pragma, Origin, Authorization, Content-Type, X-Requested-With"); header('Access-Control-Allow-Methods: POST, GET, PUT, DELETE, OPTIONS'); header('Content-type: application/json'); -*/ + //$request = service('request'); // what is the endpoint $uri = urldecode(current_url(true)); $findme = '?'; @@ -289,7 +269,6 @@ class WrenchApi extends BaseController $uri = substr($uri, 0, $pos); } log_message('critical', "API-GATE URI -> ".$uri ); - $pieces = explode('/', $uri); $psc = count($pieces); diff --git a/www-api/app/Filters/Cors.php b/www-api/app/Filters/Cors.php index a4ac18dc..aec816b5 100644 --- a/www-api/app/Filters/Cors.php +++ b/www-api/app/Filters/Cors.php @@ -25,7 +25,6 @@ class Cors implements FilterInterface */ public function before(RequestInterface $request, $arguments = null) { - if (array_key_exists('HTTP_ORIGIN', $_SERVER)) { $origin = $_SERVER['HTTP_ORIGIN']; } else if (array_key_exists('HTTP_REFERER', $_SERVER)) { @@ -36,13 +35,14 @@ class Cors implements FilterInterface $allowed_domains = array( 'http://localhost:9082/', 'https://users.wrenchboard.com/', + 'http://localhost:9083/', + 'http://10.204.5.100:9082/', + 'http://10.204.5.100:9083/', ); - if (in_array($origin, $allowed_domains)) { header('Access-Control-Allow-Origin: ' . $origin); } - header("Access-Control-Allow-Headers: Origin, X-API-KEY, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, Access-Control-Allow-Headers, Authorization, observe, enctype, Content-Length, X-Csrf-Token"); header("Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS"); header("Access-Control-Allow-Credentials: true");