akalongman /
laravel-lodash
| @@ 36-43 (lines=8) @@ | ||
| 33 | ||
| 34 | $origin = $request->headers->get('Origin', ''); |
|
| 35 | $host = $this->parseUrl($origin); |
|
| 36 | if (empty($host)) { |
|
| 37 | $this->logRequest('Origin is invalid', [ |
|
| 38 | 'origin' => $origin, |
|
| 39 | 'parsed' => $host, |
|
| 40 | ]); |
|
| 41 | ||
| 42 | return $this->response($request, 'Origin is invalid', Response::HTTP_BAD_REQUEST); |
|
| 43 | } |
|
| 44 | ||
| 45 | $allowed_origins = config('lodash.cors.allow_origins', []); |
|
| 46 | $current_app = $this->parseUrl(config('app.url', '')); |
|
| @@ 59-66 (lines=8) @@ | ||
| 56 | } |
|
| 57 | } |
|
| 58 | ||
| 59 | if (! $found) { |
|
| 60 | $this->logRequest('Origin is not allowed', [ |
|
| 61 | 'origin' => $origin, |
|
| 62 | 'parsed' => $host, |
|
| 63 | ]); |
|
| 64 | ||
| 65 | return $this->response($request, 'Origin is not allowed', Response::HTTP_METHOD_NOT_ALLOWED); |
|
| 66 | } |
|
| 67 | ||
| 68 | if ($request->method() === Request::METHOD_OPTIONS) { |
|
| 69 | $allowed_headers = config('lodash.cors.allow_headers'); |
|
