Fixing CORS multiple origins header

Addresses jacwright#115
jgonzalez-stack · Oct 17, 2018 · 119eee4 · 119eee4
1 parent 89f3cf5
commit 119eee4
Showing 1 changed file with 1 addition and 3 deletions.
diff --git a/source/Jacwright/RestServer/RestServer.php b/source/Jacwright/RestServer/RestServer.php
@@ -568,9 +568,7 @@ private function corsHeaders() {
 		if (in_array($currentOrigin, $allowedOrigin)) {
 			$allowedOrigin = array($currentOrigin); // array ; if there is a match then only one is enough
 		}
-		foreach($allowedOrigin as $allowed_origin) { // to support multiple origins
-			header("Access-Control-Allow-Origin: $allowed_origin");
-		}
+		header('Access-Control-Allow-Origin: ' . implode(', ', $allowedOrigin));
 		header('Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS');
 		header('Access-Control-Allow-Credential: true');
 		header('Access-Control-Allow-Headers: X-Requested-With, content-type, access-control-allow-origin, access-control-allow-methods, access-control-allow-headers, Authorization');