Change access control to implement more of CORS. Change so OPTIONS requests don't do an actual search/reverse request

This commit is contained in:
Brian Quinion
2012-12-17 00:24:58 +00:00
parent 89af917105
commit 0dd10c3fff
7 changed files with 17 additions and 7 deletions

View File

@@ -1,6 +1,14 @@
<?php
require_once('init.php');
if (CONST_NoAccessControl)
{
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Methods: OPTIONS,GET");
header("Access-Control-Allow-Headers: ".$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']);
}
if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') exit;
if (CONST_ClosedForIndexing && strpos(CONST_ClosedForIndexingExceptionIPs, ','.$_SERVER["REMOTE_ADDR"].',') === false)
{
echo "Closed for re-indexing...";