From 61453305878f2661d07e377bd39ca269c491762d Mon Sep 17 00:00:00 2001 From: Jiri Slezka Date: Fri, 21 Aug 2020 12:07:27 +0200 Subject: [PATCH 1/2] support for custom headers in Access-Control-Allow-Headers --- source/Jacwright/RestServer/RestServer.php | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/source/Jacwright/RestServer/RestServer.php b/source/Jacwright/RestServer/RestServer.php index 9e84b47..509dfb0 100755 --- a/source/Jacwright/RestServer/RestServer.php +++ b/source/Jacwright/RestServer/RestServer.php @@ -56,6 +56,7 @@ class RestServer { public $useCors = false; public $allowedOrigin = '*'; + public $allowedHeaders = ''; protected $data = null; // special parameter for post data protected $query = null; // special parameter for query string @@ -568,12 +569,17 @@ private function corsHeaders() { if (in_array($currentOrigin, $allowedOrigin)) { $allowedOrigin = array($currentOrigin); // array ; if there is a match then only one is enough } + // test if we want to add custome headers to Access-Control-Allow-Headers + $customHeaders = ''; + if (is_array($this->allowedHeaders) && !empty($this->allowedHeaders)) { + $customHeaders = ", ".implode(", ",$this->allowedHeaders); + } foreach($allowedOrigin as $allowed_origin) { // to support multiple origins header("Access-Control-Allow-Origin: $allowed_origin"); } header('Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS'); header('Access-Control-Allow-Credential: true'); - header('Access-Control-Allow-Headers: X-Requested-With, content-type, access-control-allow-origin, access-control-allow-methods, access-control-allow-headers, Authorization'); + header('Access-Control-Allow-Headers: X-Requested-With, content-type, access-control-allow-origin, access-control-allow-methods, access-control-allow-headers, Authorization'.$customHeaders); } private $codes = array( From 7f2818b13da8c1a2d1d24d92426c665ebc29fa68 Mon Sep 17 00:00:00 2001 From: Jiri Slezka Date: Wed, 20 Aug 2025 22:26:41 +0200 Subject: [PATCH 2/2] Allow add also class in addClass instead of just class name. Useful for DI. --- .gitignore | 3 +++ source/Jacwright/RestServer/RestServer.php | 14 +++++++++++--- 2 files changed, 14 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 82cfc4e..24d593c 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,6 @@ .idea composer.lock vendor +/nbproject/private/ +/nbproject/project.properties +/nbproject/project.xml diff --git a/source/Jacwright/RestServer/RestServer.php b/source/Jacwright/RestServer/RestServer.php index 657ac29..f5534af 100755 --- a/source/Jacwright/RestServer/RestServer.php +++ b/source/Jacwright/RestServer/RestServer.php @@ -136,11 +136,19 @@ public function handle() { list($obj, $method, $params, $this->params, $noAuth) = $this->findUrl(); if ($obj) { - if (is_string($obj) && !($obj = $this->instantiateClass($obj))) { - throw new Exception("Class $obj does not exist"); + if (is_string($obj)) { + $newObj = $this->instantiateClass($obj); + if (!$newObj) { + throw new Exception("Class $obj does not exist"); + } + $obj = $newObj; } - $obj->server = $this; + if (is_object($obj)) { + $obj->server = $this; + } else { + throw new Exception("Class $obj does not exist"); + } try { $this->initClass($obj);