request = $request; } public function afterController($controller, $methodName, Response $response) { if($response instanceof JSONResponse){ if(isset($this->request->server['HTTP_ORIGIN'])) { $response->addHeader('Access-Control-Allow-Origin', $this->request->server['HTTP_ORIGIN']); } else { $response->addHeader('Access-Control-Allow-Origin', '*'); } } return parent::afterController($controller, $methodName, $response); } }