/**
* Method to send the application response to the client. All headers will be sent prior to the main application output data.
*
* @param array $options An optional argument to enable CORS. (Temporary)
*
* @return void
*
* @since 4.0.0
*/
protected function respond($options = array())
{
// Set the Joomla! API signature
$this->setHeader('X-Powered-By', 'JoomlaAPI/1.0', true);
$forceCORS = (int) $this->get('cors');
if ($forceCORS) {
/**
* Enable CORS (Cross-origin resource sharing)
* Obtain allowed CORS origin from Global Settings.
* Set to * (=all) if not set.
*/
$allowedOrigin = $this->get('cors_allow_origin', '*');
$this->setHeader('Access-Control-Allow-Origin', $allowedOrigin, true);
$this->setHeader('Access-Control-Allow-Headers', 'Authorization');
if ($this->input->server->getString('HTTP_ORIGIN', null) !== null) {
$this->setHeader('Access-Control-Allow-Origin', $this->input->server->getString('HTTP_ORIGIN'), true);
$this->setHeader('Access-Control-Allow-Credentials', 'true', true);
}
}
// Parent function can be overridden later on for debugging.
parent::respond();
}