[index] clarify CORS(the same origin) security policy

It solves communication errors caused by unclear CORS(the same origin) security policies.

```
define("CORS_DOMAINS", "exts.kr,catswords.re.kr");
// ... (생략) ...
// CORS Security (https or http)
if(CORS_DOMAINS !== false) {
    $domains = explode(",", CORS_DOMAINS);
    $_origin = $_SERVER['HTTP_ORIGIN'];
    $origins = array();
    if(!in_array("*", $domains)) {
        foreach($domains as $domain) {
            if(!empty($domain)) {
                $origins[] = sprintf("https://%s", $domain);
                $origins[] = sprintf("http://%s", $domain);
            }
        }
        if(count($origins) > 0) {
            if(in_array($_origin, $origins)) {
                header(sprintf("Access-Control-Allow-Origin: %s", $_origin));
            } else {
                header(sprintf("Access-Control-Allow-Origin: %s", $origins[0])); 
            }
        }
    } else {
        header("Access-Control-Allow-Origin: *");
    }
}
```

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

[index] clarify CORS(the same origin) security policy #47

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Uh oh!

[index] clarify CORS(the same origin) security policy #47

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions