1 package MyApache2::SetACAO;
3 use Apache2::Filter ();
4 use Apache2::RequestRec ();
7 use Apache2::Const -compile => qw(OK);
9 use constant BUFF_LEN => 1024;
14 # If the client generated an Origin header, echo its content back
15 # in an ACAO header. This is better than just using *, since it
16 # doesnt prevent credentials from being accepted.
17 my $hi = $f->r->headers_in;
18 my $ho = $f->r->headers_out;
19 my $origin = $ho->get('Origin');
20 if (defined $origin && $origin ne "") {
21 $ho->set('Access-Control-Allow-Origin', $origin);
24 while ($f->read(my $buffer, BUFF_LEN)) {
28 return Apache2::Const::OK;