Server : Apache System : Linux server2.corals.io 4.18.0-348.2.1.el8_5.x86_64 #1 SMP Mon Nov 15 09:17:08 EST 2021 x86_64 User : corals ( 1002) PHP Version : 7.4.33 Disable Function : exec,passthru,shell_exec,system Directory : /home/corals/old/app/code/Zendesk/Zendesk/Helper/ |
<?php
namespace Zendesk\Zendesk\Helper;
class CorsHelper
{
const ZENDESK_API_PATH_PATTERN = '#.*/V1/zendesk/.+#';
/**
* @var Config
*/
protected $configHelper;
/**
* CorsHelper constructor.
* @param Config $configHelper
*/
public function __construct(
\Zendesk\Zendesk\Helper\Config $configHelper
) {
$this->configHelper = $configHelper;
}
/**
* Get valid Zendesk API CORS request methods
*
* @return array
*/
public function getZendeskApiCorsMethods()
{
return [
\Zend\Http\Request::METHOD_OPTIONS,
\Zend\Http\Request::METHOD_GET
];
}
/**
* Determine if request is consistent with Zendesk API
* CORS request.
*
* @param \Zend\Http\Request $request
* @return bool
*/
public function isZendeskCorsRequest(\Zend\Http\Request $request)
{
return in_array($request->getMethod(), $this->getZendeskApiCorsMethods())
&& preg_match(self::ZENDESK_API_PATH_PATTERN, $request->getPathInfo());
}
/**
* Add the following CORS headers to request.
* - Access-Control-Allow-Origin
* - Access-Control-Allow-Methods
* - Access-Control-Allow-Headers
*
* @param \Zend\Http\Request $request
* @param \Magento\Framework\Webapi\Rest\Response $response
*/
public function addCorsHeaders(
\Zend\Http\Request $request,
\Magento\Framework\Webapi\Rest\Response $response
) {
$origin = $request->getHeader('Origin');
if (!preg_match($this->configHelper->getZendeskAppCorsOrigin(), $origin)) {
// CORS origin is not a valid Zendesk app request -- bail without adding any access control headers.
return;
}
$response->setHeader('Access-Control-Allow-Origin', $origin);
$response->setHeader('Access-Control-Allow-Methods', $request->getHeader('Access-Control-Request-Method'));
$response->setHeader('Access-Control-Allow-Headers', $request->getHeader('Access-Control-Request-Headers'));
}
}