A WordPress-centric search engine for devs and theme authors



rest_send_cors_headers ›

Since4.4.0
Deprecatedn/a
rest_send_cors_headers ( $value )
Parameters:
  • (mixed) $value Response data.
    Required: Yes
Returns:
  • (mixed) Response data.
Defined at:
Codex:

Sends Cross-Origin Resource Sharing headers with API requests.



Source

function rest_send_cors_headers( $value ) {
	$origin = get_http_origin();

	if ( $origin ) {
		// Requests from file:// and data: URLs send "Origin: null"
		if ( 'null' !== $origin ) {
			$origin = esc_url_raw( $origin );
		}
		header( 'Access-Control-Allow-Origin: ' . $origin );
		header( 'Access-Control-Allow-Methods: OPTIONS, GET, POST, PUT, PATCH, DELETE' );
		header( 'Access-Control-Allow-Credentials: true' );
		header( 'Vary: Origin' );
	}

	return $value;
}