Cross Origin Resource Sharing with PHP & YII

10/2/2018 - 10:28 AM

Cross Origin Resource Sharing with PHP & YII

// REST CORS pattern
// A preflight request is basically an OPTIONS request to ask for permission to use cross-domain features.
// So we have add the proper verb in the url manager rules (config/main.php):

array('api/preflight', 'pattern'=>'api/*', 'verb'=>'OPTIONS'),

functionSendResponse.php

// Where ever the function "_sendResponse" is located
// add these lines, this will allow CORS


// Allows from any origin
// Allows a header called Authorization
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Headers: Authorization");

ApiController.php

// add this to your API controller in Yii

public function actionPreflight() {
        $content_type = 'application/json';
        $status = 200;
 
        // set the status
        $status_header = 'HTTP/1.1 ' . $status . ' ' . $this->_getStatusCodeMessage($status);
        header($status_header);
 
        header("Access-Control-Allow-Origin: *");
        header("Access-Control-Allow-Methods: GET, POST, PUT, DELETE");
        header("Access-Control-Allow-Headers: Authorization");
        header('Content-type: ' . $content_type);
    }

Cacher is the code snippet organizer for pro developers

We empower you and your team to get more done, faster

Cross Origin Resource Sharing with PHP & YII