Init translation files

_public.php

@@ -13,10 +13,12 @@ class rest extends dcUrlHandlers
 			return;
 		}
 		
-		//To do make headers optionals
-		header('Access-Control-Allow-Origin: *');
-		header('Access-Control-Allow-Methods: GET, POST'); 
-		header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept');
+		//coors headers
+		if($core->blog->settings->rest->rest_send_cors_headers){
+			header('Access-Control-Allow-Origin: *');
+			header('Access-Control-Allow-Methods: GET, POST'); 
+			header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept');
+		}
 		
 		
 		

index.php

@@ -9,9 +9,9 @@ $apiKey = new ApiKey;
 $core->blog->settings->addNamespace('rest');
 if (is_null($core->blog->settings->rest->rest_active)) {
 	try {
-		// Default state is active if the comments are configured to allow wiki syntax
 		$core->blog->settings->rest->put('rest_active',false,'boolean',true);
 		$core->blog->settings->rest->put('rest_is_open',false,'boolean',true);
+		$core->blog->settings->rest->put('rest_send_cors_headers',true,'boolean',true);
 		$core->blog->triggerBlog();
 		http::redirect($p_url);
 	}
@@ -22,6 +22,7 @@ if (is_null($core->blog->settings->rest->rest_active)) {
 // Getting current parameters
 $active = (boolean)$core->blog->settings->rest->rest_active;
 $openApi = (boolean)$core->blog->settings->rest->rest_is_open;
+$sendHeaders =(boolean)$core->blog->settings->rest->rest_send_cors_headers;
 
 //Sousmission Formulaire parametres
 if ((!empty($_POST['saveconfig'])) && ($core->auth->isSuperAdmin())) {
@@ -34,6 +35,9 @@ if ((!empty($_POST['saveconfig'])) && ($core->auth->isSuperAdmin())) {
 		$openApi = (empty($_POST['open'])) ? false : true;
 		$core->blog->settings->rest->put('rest_is_open',$openApi,'boolean');
 		
+		$sendHeaders = (empty($_POST['sendHeaders'])) ? false : true;
+		$core->blog->settings->rest->put('rest_send_cors_headers',$sendHeaders,'boolean');
+		
 		dcPage::addSuccessNotice(__('Configuration successfully updated.'));
 		http::redirect($p_url);
 	}catch (Exception $e)
@@ -47,7 +51,7 @@ if(!empty($_POST['resetApiKey'])){
 	$apiKey -> new_key($core->auth->userID());
 	dcPage::addSuccessNotice(__('Your new key is').' '.$apiKey->key);
 }
-//is user admin isSuperAdmin
+
 
 ?>
 <html>
@@ -58,9 +62,12 @@ if(!empty($_POST['resetApiKey'])){
 	<h2><?php echo __('Your API key');?></h2>
 	<?php echo $apiKey-> get_dc_admin_form($core->auth->userID()); ?>
 
-<?php if($core->auth->isSuperAdmin()): ?>
+<?php 
+//Seulement si administrateur:
+if($core->auth->isSuperAdmin()): 
+?>
 	
-	<h2>Rest API configuration</h2>
+	<h2><?php echo __('Rest API configuration'); ?></h2>
 		<form method="post" action="<?php http::getSelfURI(); ?>">
 		<p>
 			<?php echo form::checkbox('active', 1, $active); ?>
@@ -73,11 +80,17 @@ if(!empty($_POST['resetApiKey'])){
 		<p class="info"><?php echo __("If checked, few methods as GET will be allowed to externals users without API key. 
 		However, they won't be able to request for non public content."); ?></p> 
 		<?php echo $core->formNonce(); ?>
+		<p>
+			<?php echo form::checkbox('sendHeaders', 1, $sendHeaders); ?>
+			<label class="classic" for="sendHeaders">&nbsp;<?php echo __('Send Coors headers');?></label>
+		</p>
 		<p>
 			<input type="submit" name="saveconfig" value="<?php echo __('Save configuration'); ?>" />
 		</p>
 		
 		</from>
-<?php endif; ?>
+<?php 
+endif;
+?>
 </body>
 </html>

locales/fr/main.po

@@ -0,0 +1,8 @@
+msgid "Enable REST API"
+msgstr "Activer l'API REST"
+
+msgid "Your API key"
+msgstr "Votre clef"
+
+msgid "Rest API configuration"
+msgstr "Configuration de l'API"