Error202
/
yii2
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

Minor [ci skip]

tags/2.0.16
Dmitry Naumenko 6 years ago committed by GitHub
parent
4b00d3ab8a
commit
0c3b3f79d5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      framework/filters/Cors.php

4
framework/filters/Cors.php
Unescape View File

@ -165,7 +165,7 @@ class Cors extends ActionFilter
}
if (in_array('*', $this->cors['Origin'], true)) {
// Per CORS standard(https://fetch.spec.whatwg.org), wildcard origins shouldn't be used together with credentials
// Per CORS standard (https://fetch.spec.whatwg.org), wildcard origins shouldn't be used together with credentials
if (isset($this->cors['Access-Control-Allow-Credentials']) && $this->cors['Access-Control-Allow-Credentials']) {
if (YII_DEBUG) {
throw new Exception("Allowing credentials for wildcard origins is insecure. Please specify more restrictive origins or set 'credentials' to false in your CORS configuration.");
@ -173,7 +173,7 @@ class Cors extends ActionFilter
Yii::error("Allowing credentials for wildcard origins is insecure. Please specify more restrictive origins or set 'credentials' to false in your CORS configuration.", __METHOD__);
}
} else {
$responseHeaders['Access-Control-Allow-Origin'] = "*";
$responseHeaders['Access-Control-Allow-Origin'] = '*';
}
}
}

Write Preview
Loading…
Cancel
Save