Open wehowski opened 10 months ago
Searching the whole code for ACCESS-CONTROL
, I can find two instances:
OIDplusPagePublicObjects::restApiCall_OPTIONS()
originHeaders()
, located in functions.inc.phpEditing functions.inc.php and adding "TEST" to the output of originHeaders()
shows that a normal call to webwhois.php
only calls originHeaders()
once. Maybe you can do the same, to verify that originHeaders() is only called once. If it is only called once, please search your code base for the header name, e.g. grep -ir 'ACCESS-CONTROL'
Also, Are you sending JWT credentials using GET/POST, or anything special?
Additional note, I should carefully look at restApiCall_OPTIONS
and think about if it can/should be replaced by originHeaders()
. There seems to be a bug, see #22 .
I request webwhois.php from outside via javascript and have the error: "Dublicate Allow-Access-Origin Header"
If I uncomment originHeaders(); it works.
Maybe I have an own dirty plugin duplicating the header?
Btw/OT.: As in the guzzle issue: There are also PSR standards for HTTP-Response/Header handling and emitting. (#9)