I am writing a web app that is embedded within a website running on Joomla. On the client-side, I'm using AngularJS. Angular's $resource object follows the patters for Cross Origin Resource Sharing -- i.e. it makes an OPTIONS request before making any GET request.
In Joomla, I have a task in one of my controllers that receives the client's request, performs some authentication logic in Joomla, and then responds with data. If I make a simple GET request, this responds appropriately. However, I can't figure out how to make Joomla give the appropriate "OK" response when it receives an OPTIONS request.
Is there a Joomla-specific way to make this happen? If not, how can one respond to OPTIONS using plain PHP? My searches are drawing a blank.
(If it makes any difference, this will eventually be a same-origin request. It's only cross-origin in our development process. However, I believe that Angular will make the OPTIONS request regardless.)
This is an example of how to make CORS work:
Lets say you're on this page origin.com/test.php and your JavaScript on this page makes a request to target.com.
To initiate a cross-origin request, a browser sends the request with an Origin HTTP header. The value of this header is the domain ( origin.com ) that served the page. So in this case it would be:
Origin: http://origin.com
If target.com supports CORS, then it needs to reply with the Access-Control-Allow-Origin HTTP header in the response. The value of the header indicates what origin sites are allowed.
Access-Control-Allow-Origin: http://origin.com
To allow access from all domains, target.com needs to send the HTTP header:
Access-Control-Allow-Origin: *
For more info: http://en.wikipedia.org/wiki/Cross-origin_resource_sharing