diff --git a/www-api/app/Controllers/WrenchApi.php b/www-api/app/Controllers/WrenchApi.php index df77a0d6..80053956 100644 --- a/www-api/app/Controllers/WrenchApi.php +++ b/www-api/app/Controllers/WrenchApi.php @@ -253,13 +253,32 @@ class WrenchApi extends BaseController return $in; } public function apigate(){ + log_message('critical', "0001"); header('Access-Control-Allow-Origin: *'); + log_message('critical', "0002"); + /* //header("Access-Control-Allow-Origin: http://localhost:9057 "); header('Access-Control-Expose-Headers: Access-Control-Allow-Origin'); //header('Access-Control-Allow-Credentials: true '); //header("Access-Control-Allow-Headers: Cache-Control, Pragma, Origin, Authorization, Content-Type, X-Requested-With"); + header('Access-Control-Allow-Headers :Origin, X-API-KEY, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, Access-Control-Allow-Headers, Authorization, observe, enctype, Content-Length, X-Csrf-Token'); header('Access-Control-Allow-Methods: POST, GET, PUT, DELETE, OPTIONS'); header('Content-type: application/json'); + */ + + header("Access-Control-Allow-Headers: Origin, X-API-KEY, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, Access-Control-Allow-Headers, Authorization, observe, enctype, Content-Length, X-Csrf-Token"); + log_message('critical', "0003"); + header("Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS"); + header("Access-Control-Allow-Credentials: true"); + header("Access-Control-Max-Age: 3600"); + header('content-type: application/json; charset=utf-8'); + $method = $_SERVER['REQUEST_METHOD']; + if ($method == "OPTIONS") { + header("HTTP/1.1 200 OK CORS"); + log_message('critical', " apigate()-> OPTIONS DIE*****" ); + die(); + } + //$request = service('request'); // what is the endpoint $uri = urldecode(current_url(true));