#74 updating conditions for cors

makesites · Mar 14, 2013 · 1d92f39 · 1d92f39
1 parent 2c27232
commit 1d92f39
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/app/helpers/mvc.php b/app/helpers/mvc.php
@@ -353,11 +353,11 @@ function cors() {
 
 		// Allow from any origin
 		if (isset($_SERVER['HTTP_ORIGIN'])) {
-			header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
+			header("Access-Control-Allow-Origin: $_SERVER['HTTP_ORIGIN']");
+			header('Access-Control-Allow-Credentials: true');
 		} else {
 			header("Access-Control-Allow-Origin: *");
 		}
-			header('Access-Control-Allow-Credentials: true');
 			header('Access-Control-Allow-Headers: Content-Type, X-Requested-With, X-PINGOTHER');
 			header('Access-Control-Max-Age: 86400');    // cache for 1 day
 			header("Access-Control-Allow-Methods: GET, POST, PUT, DELETE");