I'm creating a JSON webservice in CakePHP 1.3.
I want to be able to send AJAX requests from a different server to this webservice.
I know this is a cinch in Cake 2+, but I cannot for the life of me figure it out for v1.3. Based on what I have found in the docs, I have attempted the following in my controller:
public $components = array('RequestHandler');
function beforeFilter() {
Configure::write('debug', 0);
$this->header('Access-Control-Allow-Origin','*');
$this->header('Access-Control-Allow-Methods','*');
$this->header('Access-Control-Allow-Headers','X-Requested-With');
$this->header('Access-Control-Allow-Headers','Content-Type, x-xsrf-token');
$this->header('Access-Control-Max-Age','172800');
}
This unfortunately results in 500 ERR_INVALID_RESPONSE.
I have attempted to do $this->response->header instead of $this->header, and same problem. I've also attempted header instead of $this->header, and again I'm getting a server response of 500. I have also attempted moving the header block into my action in the controller, into the top-level app_controller.php file, into the bootstrap.php file, and into the view file itself (with every variation of header, $this->header, and $this->response->header attempted). Removing Configure::write('debug', 0); does not solve the issue.
Heck, I even have this in my .htaccess file:
<IfModule mod_headers.c>
<FilesMatch "\.(json)$">
Header set Access-Control-Allow-Origin "*"
</FilesMatch>
</IfModule>
Although that doesn't seem to do anything. I have mod_headers.load in my mods-available folder in Apache as well.
Anyone know how to set the Access-Control-Allow-Origin header in CakePHP 1.3?
header("Access-Control-Allow-Origin: *");
I know this is an old post but I jut want to answer this to help others.
@Restie's answer is correct but it's not clear why. In CakePHP 1.3, in the controller library, the header method is just a wrapper onto the PHP header function:
function header($status) {
header($status);
}
So $this->header should work perfectly. The mistake is to copy the Java style for setting headers which takes two parameters:
$this->header('Access-Control-Allow-Origin','*');
For header in PHP land you have to switch it to:
$this->header('Access-Control-Allow-Origin: *');