Skip to content

Instantly share code, notes, and snippets.

@f0t0n
Created May 29, 2012 06:44
Show Gist options
  • Save f0t0n/2822993 to your computer and use it in GitHub Desktop.
Save f0t0n/2822993 to your computer and use it in GitHub Desktop.
<?php
// domain => apiKey dictionary
$allowedDomains = array(
'domain-from.com' => 's0m3d0ma1n1d',
);
$host = parse_url($_SERVER['HTTP_ORIGIN'], PHP_URL_HOST);
if(!empty($host)
&& isset($allowedDomains[$host])
&& isset($_POST['apiKey'])
&& $allowedDomains[$host] == $_POST['apiKey']) {
$headers = array(
'Access-Control-Allow-Origin: ' . $_SERVER['HTTP_ORIGIN'],
'Access-Control-Allow-Methods: POST, GET, OPTIONS',
'Access-Control-Max-Age: 1000',
'Access-Control-Allow-Headers: Content-Type',
);
foreach($headers as $header) {
header($header);
}
}
var_dump($_GET, $_POST);
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment