send_origin_headers() WordPress Function
The send_origin_headers() function is used to send Origin headers to the browser. This function is typically called by plugins and themes when they need to send headers to the browser.
send_origin_headers() #
Send Access-Control-Allow-Origin and related headers if the current request is from an allowed origin.
Description
If the request is an OPTIONS request, the script exits with either access control headers sent, or a 403 response if the origin is not allowed. For other request methods, you will receive a return value.
Return
(string|false) Returns the origin URL if headers are sent. Returns false if headers are not sent.
Source
File: wp-includes/http.php
function send_origin_headers() {
$origin = get_http_origin();
if ( is_allowed_http_origin( $origin ) ) {
header( 'Access-Control-Allow-Origin: ' . $origin );
header( 'Access-Control-Allow-Credentials: true' );
if ( 'OPTIONS' === $_SERVER['REQUEST_METHOD'] ) {
exit;
}
return $origin;
}
if ( 'OPTIONS' === $_SERVER['REQUEST_METHOD'] ) {
status_header( 403 );
exit;
}
return false;
}
Expand full source codeCollapse full source codeView on TracView on GitHub
Changelog
| Version | Description |
|---|---|
| 3.4.0 | Introduced. |