How do I set PHP's $_SERVER['HTTP_ORIGIN'] from node?

Question

The situation is that we have a rest API written in PHP. When a user sends a request to our site, we are calling a node script to call the rest API to get JSON and return a rendered javascript template to output onto the page.

But, in the rest script there is a check to make sure that $_SERVER['HTTP_ORIGIN'] is the same as $_SERVER['HTTP_HOST']. When I navigate to the rest URL via my browser, $_SERVER['HTTP_ORIGIN'] is set correctly, but when I make a get request from the node script, it is left blank.

I tried setting an Origin header. This is what I googled:

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin

So my request in node was:

https.get({
    path:path,
    headers:{
        "Origin": "http://example.com"
    }
},function(res){
    ..etc

But error_loging $_SERVER['HTTP_ORIGIN'] reveals that it is still blank.

How do I make it so that PHP knows that $_SERVER['HTTP_ORIGIN'] is the current server?

Thanks!

[How secure is HTTP_ORIGIN?](https://stackoverflow.com/questions/4566378/how-secure-is-http-origin) — FirstOne, Sep 20 '17 at 19:58
Related? [Spoof Origin header in Node.js](https://stackoverflow.com/questions/18135508/spoof-origin-header-in-node-js). — FirstOne, Sep 20 '17 at 20:05

How do I set PHP's $_SERVER['HTTP_ORIGIN'] from node?

0 Answers0