]> git.mxchange.org Git - quix0rs-gnu-social.git/commitdiff
projects / quix0rs-gnu-social.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 62977ad)
make cors header deactivatable
authorflyingmana <flyingmana@googlemail.com>
Wed, 29 Jun 2011 20:39:33 +0000 (22:39 +0200)
committerflyingmana <flyingmana@googlemail.com>
Wed, 29 Jun 2011 20:39:33 +0000 (22:39 +0200)
actions/hostmeta.php patch | blob | history
actions/userxrd.php patch | blob | history
config.php.sample patch | blob | history
lib/default.php patch | blob | history

diff --git a/actions/hostmeta.php b/actions/hostmeta.php
index 79ab2e0d9caca65dd93045737b0f8066d5fa9692..98c8a33ac986fde19069aac366d493cf8e90b2c1 100644 (file)
--- a/actions/hostmeta.php
+++ b/actions/hostmeta.php
@@ -59,7 +59,10 @@ class HostMetaAction extends Action
             Event::handle('EndHostMetaLinks', array(&$xrd->links));
         }
 
-        header('Access-Control-Allow-Origin: *');
+        global $config;
+        if($config['site']['cors'] === true){
+            header('Access-Control-Allow-Origin: *');
+        }
         header('Content-type: application/xrd+xml');
         print $xrd->toXML();
     }
diff --git a/actions/userxrd.php b/actions/userxrd.php
index 4851b0731cdeff7968bb0b8bb2929f045e8bfff3..e119d694368c128a6b2b6acf2292df10c6f8782a 100644 (file)
--- a/actions/userxrd.php
+++ b/actions/userxrd.php
@@ -30,7 +30,10 @@ class UserxrdAction extends XrdAction
     function prepare($args)
     {
         parent::prepare($args);
-        header('Access-Control-Allow-Origin: *');
+        global $config;
+        if($config['site']['cors'] === true){
+            header('Access-Control-Allow-Origin: *');
+        }
 
         $this->uri = $this->trimmed('uri');
         $this->uri = self::normalize($this->uri);
diff --git a/config.php.sample b/config.php.sample
index 5481ca539e591a10bb1ad0c6d94991bd9aeacb59..8389c333181c6321e47e4b8c4b4b7a973b1121c6 100644 (file)
--- a/config.php.sample
+++ b/config.php.sample
@@ -40,6 +40,8 @@ $config['site']['path'] = 'statusnet';
 // $config['site']['inviteonly'] = true;
 // Make the site invisible to  non-logged-in users
 // $config['site']['private'] = true;
+// Allow Cross-Origin Resource Sharing
+// $config['site']['cors'] = true;
 
 // If your web server supports X-Sendfile (Apache with mod_xsendfile,
 // lighttpd, nginx), you can enable X-Sendfile support for better
diff --git a/lib/default.php b/lib/default.php
index c1dfcbc87d073d762af4950420cdc35b3212b022..847610aea999dd81a33c7a8a112e88c36cdab6fa 100644 (file)
--- a/lib/default.php
+++ b/lib/default.php
@@ -61,6 +61,7 @@ $default =
               'textlimit' => 140,
               'indent' => true,
               'use_x_sendfile' => false,
+              'cors' => true,
               'notice' => null, // site wide notice text
               'build' => 1, // build number, for code-dependent cache
               ),
This is my personal clone from the wonderful software GNUSocial. I may fix or break things here, so use it on your own risk. :-)