Skip to content

Instantly share code, notes, and snippets.

@brenopolanski
Last active April 24, 2023 23:09
Show Gist options
  • Save brenopolanski/e3dbdb1a16ebd685502ab5498b13dbda to your computer and use it in GitHub Desktop.
Save brenopolanski/e3dbdb1a16ebd685502ab5498b13dbda to your computer and use it in GitHub Desktop.
Nextcloud Cors with PHP Headers

Update nextcloud/remote.php:

try {
        require_once __DIR__ . '/lib/base.php';

        // All resources served via the DAV endpoint should have the strictest possible
        // policy. Exempted from this is the SabreDAV browser plugin which overwrites
        // this policy with a softer one if debug mode is enabled.
        header("Content-Security-Policy: default-src 'none';");

        // Allow from any origin
        if (isset($_SERVER['HTTP_ORIGIN'])) {
            // Decide if the origin in $_SERVER['HTTP_ORIGIN'] is one
            // you want to allow, and if so:
            header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
            header('Access-Control-Allow-Credentials: true');
            header('Access-Control-Max-Age: 86400');    // cache for 1 day
        }

        // Access-Control headers are received during OPTIONS requests
        if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {

            if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']))
                // may also be using PATCH, HEAD etc
                header("Access-Control-Allow-Methods: GET, POST, PUT, MOVE, OPTIONS, PROPFIND");

            if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']))
                header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");

            exit(0);
        }


        if (\OCP\Util::needUpgrade()) {
              // [...] (end of snippet)

Reference: https://stackoverflow.com/questions/8719276/cors-with-php-headers/9866124#9866124

Install NextCloud Server Using Composer On Ubuntu 16.04 / 18.04 With Apache2, MariaDB And PHP 7.2 Support

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment