Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums CodeIgniter 4 CodeIgniter 4 Discussion Cors php issues
Cors php issues
  • Offline paliz
    Member
  • ***
  • Posts: 236
    Threads: 19
    Joined: Oct 2020
    Reputation: 1
#4
04-16-2021, 01:03 PM

i find way to handle CORS  prefight strategy 

follow code you need middelwear(filter in ci4) to handle request before  any request send to host 
it should be global middelwear(filter in ci4)
go to path app/filters create CrosFilter.php  then add this  code 

// read  comment s  

PHP Code:
<?php namespace App\Filters;

use CodeIgniter\config\Services;
use CodeIgniter\HTTP\RequestInterface;
use CodeIgniter\HTTP\Response;
use CodeIgniter\HTTP\ResponseInterface;
use CodeIgniter\Filters\FilterInterface;


class CorsFilter implements FilterInterface
{
    public function after(RequestInterface $requestResponseInterface $response$arguments null)
    {


    }

    public function before(RequestInterface $request$arguments null)
    {
        // get origins
        if (array_key_exists('HTTP_ORIGIN'$_SERVER)) {
            $origin $_SERVER['HTTP_ORIGIN'];
        } else if (array_key_exists('HTTP_REFERER'$_SERVER)) {
            $origin $_SERVER['HTTP_REFERER'];
        } else {
            $origin $_SERVER['REMOTE_ADDR'];
        }
        $allowed_domains = array(
            'http://localhost:4200',
            'http://www.example.com',

        );

        // this code work on real host for example  www.example.com

        $response Services::response();
        $response->setHeader('Access-Control-Allow-Origin''www.example.com');
        $response->setHeader('Access-Control-Allow-Methods''GET, POST, OPTIONS, PUT, DELETE');
        $response->setHeader('Access-Control-Allow-Headers''Origin, X-API-KEY, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, Access-Control-Allow-Headers, Authorization, observe, enctype, Content-Length, X-Csrf-Token');
        $response->setHeader("Access-Control-Allow-Credentials""true");
        $response->setHeader('Access-Control-Max-Age''3600');
        $response->setStatusCode(Response::HTTP_OK'cors are  enable');
        $response->setContentType('application/json; charset=UTF-8');
        $response->send();

        if ($request->getMethod(true) == "OPTIONS"
        ) {
            die();

        }


        // this below code work on  localhost xammp server  localhost:8080


//        if (in_array($origin, $allowed_domains)) {
//            header('Access-Control-Allow-Origin: ' . $origin);
//        } else {
//            header('Access-Control-Allow-Origin: ' . site_url());
//        }
//
//        header("Access-Control-Allow-Headers: Origin, X-API-KEY, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, Access-Control-Allow-Headers, Authorization, observe, enctype, Content-Length, X-Csrf-Token");
//        header("Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE");
//        header("Access-Control-Allow-Credentials: true");
//        header("Access-Control-Max-Age: 3600");
//        header('content-type: application/json; charset=utf-8');
//        $method = $_SERVER['REQUEST_METHOD'];
//        if ($method == "OPTIONS") {
//            die();
//        }


    }






then go to  this path  app/config/filters add this filter to your project  


PHP Code:
<?php

namespace Config;

use App\Filters\AuthFilter;
use App\Filters\CorsFilter;
use App\Filters\CsrfFilter;
use App\Filters\JwtFilter;
use App\Filters\UrlFilter;
use CodeIgniter\Config\BaseConfig;
use CodeIgniter\Filters\CSRF;
use CodeIgniter\Filters\DebugToolbar;
use CodeIgniter\Filters\Honeypot;

class Filters extends BaseConfig
{
    /**
     * Configures aliases for Filter classes to
     * make reading things nicer and simpler.
     *
     * @var array
     */
    public $aliases = [
        //'csrf'     => CSRF::class,
        'toolbar' => DebugToolbar::class,
        'honeypot' => Honeypot::class,
        'csrf' => CsrfFilter::class,
        'cors' => CorsFilter::class,
        'auth' => AuthFilter::class,
        'jwt' => JwtFilter::class,
        'url' => UrlFilter::class,
    ];

    /**
     * List of filter aliases that are always
     * applied before and after every request.
     *
     * @var array
     */
    public $globals = [
        'before' => [
            // 'honeypot',
            'cors',
            'url',
              'csrf',

        ],
        'after' => [
            'toolbar',
              'csrf',
            // 'honeypot',
        ],
    ];

    /**
     * List of filter aliases that works on a
     * particular HTTP method (GET, POST, etc.).
     *
     * Example:
     * 'post' => ['csrf', 'throttle']
     *
     * @var array
     */
    public $methods = [

        //  'get' => ['csrf'],
        // 'post' => ['csrf'],
        // 'put' => ['csrf'],
        // 'delete' => ['csrf']

    ];

    /**
     * List of filter aliases that should run on any
     * before or after URI patterns.
     *
     * Example:
     * 'isLoggedIn' => ['before' => ['account/*', 'profiles/*']]
     *
     * @var array
     */
    public $filters = [
        'auth' => ['before' => 'api*'],
        'jwt' => ['before' => 'api*',],

    ];

Enlightenment  Is  Freedom
Reply


Messages In This Thread
Cors php issues - by paliz - 04-15-2021, 08:11 AM
RE: Cors php issues - by InsiteFX - 04-15-2021, 08:58 PM
RE: Cors php issues - by paliz - 04-15-2021, 10:12 PM
RE: Cors php issues - by paliz - 04-16-2021, 01:03 PM
RE: Cors php issues - by InsiteFX - 04-16-2021, 08:36 PM
RE: Cors php issues - by paliz - 04-17-2021, 05:46 AM
RE: Cors php issues - by InsiteFX - 04-17-2021, 06:00 AM
RE: Cors php issues - by paliz - 04-17-2021, 06:31 AM
RE: Cors php issues - by paliz - 04-21-2021, 10:19 AM



Theme © iAndrew 2016 - Forum software by © MyBB