1 package MyApache2::SetACAO;
3 use Apache2::Filter ();
4 use Apache2::RequestRec ();
7 use Apache2::Const -compile => qw(OK);
9 use constant BUFF_LEN => 1024;
14 # If the client generated an Origin header, echo its content back
15 # in an ACAO header. This is better than just using *, since it
16 # doesnt prevent credentials from being accepted.
17 my $hi = $f->r->headers_in;
18 my $ho = $f->r->headers_out;
19 my $origin = $hi->get('Origin');
20 warn "MyApache2::SetACAO got origin '$origin'";
21 if (defined $origin && $origin ne "") {
22 $ho->set('Access-Control-Allow-Origin', $origin);
23 warn "MyApache2::SetACAO copied origin to ACAO";
26 while ($f->read(my $buffer, BUFF_LEN)) {
30 return Apache2::Const::OK;