From 1d92f3908d0677c253c4e5b1aacf98b37a4a413e Mon Sep 17 00:00:00 2001
From: Makis Tracend <makis.tracend@gmail.com>
Date: Thu, 14 Mar 2013 02:29:32 -0700
Subject: [PATCH] #74 updating conditions for cors

---
 app/helpers/mvc.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/helpers/mvc.php b/app/helpers/mvc.php
index 6e5a954..7895780 100644
--- a/app/helpers/mvc.php
+++ b/app/helpers/mvc.php
@@ -353,11 +353,11 @@ function cors() {
 
 		// Allow from any origin
 		if (isset($_SERVER['HTTP_ORIGIN'])) {
-			header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
+			header("Access-Control-Allow-Origin: $_SERVER['HTTP_ORIGIN']");
+			header('Access-Control-Allow-Credentials: true');
 		} else {
 			header("Access-Control-Allow-Origin: *");
 		}
-			header('Access-Control-Allow-Credentials: true');
 			header('Access-Control-Allow-Headers: Content-Type, X-Requested-With, X-PINGOTHER');
 			header('Access-Control-Max-Age: 86400');    // cache for 1 day
 			header("Access-Control-Allow-Methods: GET, POST, PUT, DELETE");