Clients with domains must make their request from https connection

This commit is contained in:
Pierre 2018-05-20 14:54:55 +02:00
parent 039a47a105
commit b3cf5fab61

View File

@ -35,7 +35,7 @@ if(!$cs->clients->checkClientRequestTokens())
if(defined("APIServiceDomain")){
//First, limit requests
header("Access-Control-Allow-Origin: http://".APIServiceDomain.", https://".APIServiceDomain);
header("Access-Control-Allow-Origin: https://".APIServiceDomain);
//Then check for referer
if(!isset($_SERVER["HTTP_REFERER"]))