send_origin_headers() WP 3.4.0

Send Access-Control-Allow-Origin and related headers if the current request is from an allowed origin.

If the request is an OPTIONS request, the script exits with either access control headers sent, or a 403 response if the origin is not allowed. For other request methods, you will receive a return value.

Хуков нет.

Возвращает

Строку|false. Returns the origin URL if headers are sent. Returns false if headers are not sent.

Использование

send_origin_headers();

Список изменений

Код send_origin_headers() send origin headers ^{WP 5.8.2}

function send_origin_headers() {
	$origin = get_http_origin();

	if ( is_allowed_http_origin( $origin ) ) {
		header( 'Access-Control-Allow-Origin: ' . $origin );
		header( 'Access-Control-Allow-Credentials: true' );
		if ( 'OPTIONS' === $_SERVER['REQUEST_METHOD'] ) {
			exit;
		}
		return $origin;
	}

	if ( 'OPTIONS' === $_SERVER['REQUEST_METHOD'] ) {
		status_header( 403 );
		exit;
	}

	return false;
}