Here’s the thing. Getting a .txt file from the server is one of the many problems that CORS is trying to stop. The fact is, a .txt extension can be a file containing anything. Just because the extension is .txt doesn’t mean the files contents contains actual text.
Inside your page header you have to tell your app what communications are allowed and with whom. Getting a font file from google? You have to specifically enable that google cdn. Want something from your server? You have to enable that access.
From the server side, you also have to tell the app who it’s communicating with. If the app requests data from servera and serverb answers, the app will reject the data. If you request fonts from google and google answers as yahoo, your app would (and should) reject that data.
So, first thing you need to do is create a script on the server to open and feed the .txt file back to the app as JSON. That’s pretty trivial.
$options = Array('status' => "OK", 'version' => $text_from_file);
// return the results to the client
$output = json_encode($options);
echo "$output"; // send it to the browser
The catch is that no matter what format, without the CORS header set correctly, your app will reject everything.
Next, to handle the CORS, a simple trick is to ask the app what domain it’s looking for and feed that back to it. This method is just for testing and NOT for production but it should help you move forward one step. Here’s the basic idea.
httpHeaders.class.php:
<?php
if(!defined('_SOMETAG')) header('Location: https://www.mydomain.com/');
// ini_set('display_errors', 'On');
// error_reporting(E_ALL | E_STRICT);
// this checks the HTTP_ORIGIN header and, depending on the device, it sends back
// the correct header.
class Headers
{
public $http_origin = "";
public $authorized = false;
public $apiLevel = 1;
private $DBprefix;
function __construct()
{
$this->getHTTPOrigin();
}
public function sendHeaders($strType)
{
header('Access-Control-Allow-Origin: ' .$this->http_origin);
error_log("HTTP_ORIGIN: $this->http_origin");
// error_log("content-type: " .$strType);
switch($strType)
{
case "json":
header('Content-type: application/json');
break;
case "jpeg":
header('Content-type: image/jpeg');
break;
case "png":
header('Content-type: image/png');
break;
case "text":
header('Content-type: text/plain');
break;
case "html":
header('Content-type: text/html');
break;
default:
break; // do nothing
}
}
// figure out the allowed origin response
public function getHTTPOrigin()
{
// see what the browser is telling us.
$http_origin = $_SERVER['HTTP_ORIGIN'];
// error_log("getting HTTP_ORIGIN: " .$http_origin);
if($http_origin == "")
// this is probably from... sigh... Android
$this->http_origin = "https://www.mydomain.com";
elseif($http_origin == "app://localhost")
// this is apple/cordova and the new wkwebkit built into 6.1
$this->http_origin = $http_origin;
else
$this->http_origin = "*"; // just in case something changes and we don't catch it
// error_log("this->http_origin set to: " .$this->http_origin);
}
}
?>
To test and play with the header class try this:
// figure out what kind of headers we need
// to send and then send those headers.
$headers = new Headers;
$headers->sendHeaders("json");
If it’s not fundamentally clear, send the headers before sending the JSON.