Conditions | 3 |
Paths | 3 |
Total Lines | 16 |
Lines | 0 |
Ratio | 0 % |
Changes | 0 |
1 | <?php |
||
29 | public function checkOrigin(string $headers): bool |
||
30 | { |
||
31 | preg_match('/Origin\:\s(.*?)\s/', $headers, $matches); |
||
32 | if (empty($matches[1])) { |
||
33 | $this->sendAndClose('No Origin header found.'); |
||
34 | return false; |
||
35 | } else { |
||
36 | $originHost = $matches[1]; |
||
37 | $allowedOrigins = $this->config->getOrigins(); |
||
38 | if (in_array($originHost, $allowedOrigins, true) === false) { |
||
39 | $this->sendAndClose('Host ' . $originHost . ' is not allowed to pass access control as origin.'); |
||
40 | return false; |
||
41 | } |
||
42 | } |
||
43 | return true; |
||
44 | } |
||
45 | |||
56 | } |