@@ -33,19 +33,33 @@ public function handle(Request $request): Response
3333 } elseif ($ method'OPTIONS ' ) {
3434 $ responsenew Response (Response::OK , '' );
3535 $ allowHeaders$ this getProperty ('allowHeaders ' , 'Content-Type, X-XSRF-TOKEN ' );
36- $ responseaddHeader ('Access-Control-Allow-Headers ' , $ allowHeaders
36+ if ($ allowHeaders
37+ $ responseaddHeader ('Access-Control-Allow-Headers ' , $ allowHeaders
38+ }
3739 $ allowMethods$ this getProperty ('allowMethods ' , 'OPTIONS, GET, PUT, POST, DELETE, PATCH ' );
38- $ responseaddHeader ('Access-Control-Allow-Methods ' , $ allowMethods
40+ if ($ allowMethods
41+ $ responseaddHeader ('Access-Control-Allow-Methods ' , $ allowMethods
42+ }
3943 $ allowCredentials$ this getProperty ('allowCredentials ' , 'true ' );
40- $ responseaddHeader ('Access-Control-Allow-Credentials ' , $ allowCredentials
44+ if ($ allowCredentials
45+ $ responseaddHeader ('Access-Control-Allow-Credentials ' , $ allowCredentials
46+ }
4147 $ maxAge$ this getProperty ('maxAge ' , '1728000 ' );
42- $ responseaddHeader ('Access-Control-Max-Age ' , $ maxAge
48+ if ($ maxAge
49+ $ responseaddHeader ('Access-Control-Max-Age ' , $ maxAge
50+ }
51+ $ exposeHeaders$ this getProperty ('exposeHeaders ' , '' );
52+ if ($ exposeHeaders
53+ $ responseaddHeader ('Access-Control-Expose-Headers ' , $ exposeHeaders
54+ }
4355 } else {
4456 $ response$ this next ->handle ($ request
4557 }
4658 if ($ origin
4759 $ allowCredentials$ this getProperty ('allowCredentials ' , 'true ' );
48- $ responseaddHeader ('Access-Control-Allow-Credentials ' , $ allowCredentials
60+ if ($ allowCredentials
61+ $ responseaddHeader ('Access-Control-Allow-Credentials ' , $ allowCredentials
62+ }
4963 $ responseaddHeader ('Access-Control-Allow-Origin ' , $ origin
5064 }
5165 return $ response
0 commit comments