From: Alexander Ebert <ebert@woltlab.com>
Date: Thu, 15 Dec 2016 10:00:44 +0000 (+0100)
Subject: Verifying CORS requests way earlier
X-Git-Tag: 3.0.0_RC_2~53
X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=61dce6a4fc5ec1215c260d3eba3a28454f1eb4df;p=GitHub%2FWoltLab%2FWCF.git

Verifying CORS requests way earlier

Especially `OPTIONS` does not require anything else and we can bail out
safely. Also avoids spawning useless sessions.
---

diff --git a/wcfsetup/install/files/lib/system/WCF.class.php b/wcfsetup/install/files/lib/system/WCF.class.php
index 79704154d4..28d70129b5 100644
--- a/wcfsetup/install/files/lib/system/WCF.class.php
+++ b/wcfsetup/install/files/lib/system/WCF.class.php
@@ -147,13 +147,13 @@ class WCF {
 		// start initialization
 		$this->initDB();
 		$this->loadOptions();
+		$this->initCors();
 		$this->initSession();
 		$this->initLanguage();
 		$this->initTPL();
 		$this->initCronjobs();
 		$this->initCoreObjects();
 		$this->initApplications();
-		$this->initCors();
 		$this->initBlacklist();
 		
 		EventHandler::getInstance()->fireAction($this, 'initialized');