php - What is the best alternative to HTTP_ORIGIN/HTTP_REFERER

View Original

one text

Solution:

if(isset($_SERVER['HTTP_ORIGIN']) && preg_match('!^http(s)?://([a-z0-9\-]+\.)?example\.com$!is', $_SERVER['HTTP_ORIGIN']))
{
    header('Access-Control-Allow-Origin: '.$_SERVER['HTTP_ORIGIN']);
}

I'm using this and you can try it. Please remember, if the browser don't sent origin header it will pass the argument.

or using htaccess:

SetEnvIf Origin "^http(s)?://([a-z0-9\-]+\.)?example\.com$" AccessControlAllowOrigin=$0
Header add Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
Header merge Vary Origin

Source
© 2021
E-mail: contact@webdevask.com
Back to top