Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Enabling CORS in CakePHP app

Tags:

php

cors

cakephp

I am trying to enable CORS for an API built in CakePHP so that all requests are accessible with the following in the AppController:

public function beforeFilter()
{
    header("Access-Control-Allow-Origin: *");
}

Is this in the wrong place? As requests are still being blocked.

Update: It seems this does in fact work BUT because I am doing something like:

header('Content-Type: application/json');
echo json_encode(array('message'=>'Hello world!'));

In some of my methods it's acting as though it's overriding the header set the AppController so it's not appearing in the response for the JSON calls. Any ideas?

Update 2: Returning JSON like below, fixes the problem:

$this->response->type('json');
$this->response->body(json_encode(array('message'=>'Hello world!')));

So apparently using header() in Cake breaks previous headers?

like image 213
Cameron Avatar asked Feb 18 '13 21:02

Cameron


1 Answers

You can do this using the cake response object;

$this->response->header('Access-Control-Allow-Origin', '*');

More info on the response object; http://book.cakephp.org/2.0/en/controllers/request-response.html#setting-headers

However, the beforeRender() callback seems a more logical location.

Another option is to add this header in your apache vhost or htaccess examples can be found in the htaccess file of Html5Boilerplate which is a very interesting thing to look at (well documented), because it contains a lot of optimisations that work nicely with cakephp as well;

https://github.com/h5bp/server-configs-apache/blob/master/dist/.htaccess

http://html5boilerplate.com/

like image 190
thaJeztah Avatar answered Oct 21 '22 08:10

thaJeztah