Multiple Access-Control-Allow-Origin Headers

[m-schreiber]

Hi There, just hit a Problem - would be nice if you could implement it.

Multiple "Access-Control-Allow-Origin"-Headers are not allowed: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS/Errors/CORSMultipleAllowOriginNotAllowed

Instead of

foreach($allowedOrigin as $allowed_origin) { // to support multiple origins
	header("Access-Control-Allow-Origin: $allowed_origin");
}

do

header("Access-Control-Allow-Origin: ".implode(", ",$allowed_origin);

[jacwright]

Let me know if https://github.com/jacwright/RestServer/pull/116 works for you.

[m-schreiber]

yes - this should work for me - will get back if i integrate a new version of your rest-server into my project - but my workaround looks and works the same:

$server = new \Jacwright\RestServer\RestServer($config["mode"]);
$server->useCors = false;
$server->allowedOrigin = $config["allowedOrigin"];

$server->addClass(...);

header("Access-Control-Allow-Origin: ".implode(", ",$config["allowedOrigin"]));
header('Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS');
header('Access-Control-Allow-Credential: true');
header('Access-Control-Allow-Headers: X-Requested-With, content-type, access-control-allow-origin, access-control-allow-methods, access-control-allow-headers, Authorization');
if ($server->getMethod() == 'OPTIONS')
{
    //Exit because of Bug in RestServer that makes it crash when not using cors
    exit;
}

$server->handle();