only add Access-Control-Allow-Headers if needed

2024-11-27 00:49:55 +03:00 · 2012-12-17 15:00:49 +00:00 · 2012-12-17 15:00:49 +00:00 · 490190b873
commit 490190b873
parent 0dd10c3fff
1 changed files with 4 additions and 1 deletions
--- a/lib/init-website.php
+++ b/lib/init-website.php
@ -5,7 +5,10 @@
 	{
 		header("Access-Control-Allow-Origin: *");
 		header("Access-Control-Allow-Methods: OPTIONS,GET");
-		header("Access-Control-Allow-Headers: ".$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']);
+		if (!empty($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']))
 		{
 			header("Access-Control-Allow-Headers: ".$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']);
 		}
 	}
 	if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') exit;