Add Access-Control-Allow-Origin to header in PHP

Posted by SANDeveloper on Stack Overflow See other posts from Stack Overflow or by SANDeveloper
Published on 2012-09-27T21:53:33Z Indexed on 2012/10/16 23:01 UTC
Read the original article Hit count: 274

Filed under:
|
|
|

I am trying to workaround CORS restriction on a WebGL application. I have a Web Service which resolves URL and returns images. Since this web service is not CORS enabled, I can't use the returned images as textures.

I was planning to:

  1. Write a PHP script to handle image requests
  2. Image requests would be sent through the query string as a url parameter

The PHP Script will:

  1. Call the web service with the query string url
  2. Fetch the image response (web service returns a content-type:image response)
  3. Add the CORS header (Add Access-Control-Allow-Origin) to the response
  4. Send the response to the browser

I tried to implement this using a variety of techniques including CURL, HTTPResponse, plain var_dump etc. but got stuck at some point in each.

So I have 2 questions:

  1. Is the approach good enough?
  2. Considering the approach is good enough:

I made the most progress with CURL. I could get the image header and data with:

$ch = curl_init();
$url = $_GET["url"];
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type:image/jpeg'));

//Execute request 
    $response = curl_exec($ch);

//get the default response headers 
    $headers = curl_getinfo($ch);

//close connection 
    curl_close($ch);

But this doesn't actually change set the response content-type to image/jpeg. It dumps the header + response into a new response of content-type text/html and display the header and the image BLOB data in the browser.

How do I get it to send the response in the format I want?

Managed to get it working:

    $ch = curl_init();
    $url = $_GET["url"];
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_HEADER, false);

//Execute request 
    $response = curl_exec($ch);

//get the default response headers 
    $headers = curl_getinfo($ch);
    curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
    header('Content-Type: image/jpeg');
    header("Access-Control-Allow-Origin: *");
//    header("Expires: Sat, 26 Jul 2017 05:00:00 GMT");

//close connection 
    curl_close($ch);
    flush();

© Stack Overflow or respective owner

Related posts about php

Related posts about curl