From a1f52ef118897535e2287afb545d28fac25b7fcd Mon Sep 17 00:00:00 2001
From: Alexander Makarov <sam@rmcreative.ru>
Date: Tue, 1 May 2018 01:16:03 +0300
Subject: [PATCH] Adjusted code style, fixed typo

---
 framework/filters/Cors.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/framework/filters/Cors.php b/framework/filters/Cors.php
index 1a62d93052..169c1e7eaa 100644
--- a/framework/filters/Cors.php
+++ b/framework/filters/Cors.php
@@ -160,12 +160,12 @@ class Cors extends ActionFilter
         $responseHeaders = [];
         // handle Origin
         if (isset($requestHeaders['Origin'], $this->cors['Origin'])) {
-            if (in_array($requestHeaders['Origin'], $this->cors['Origin'])) {
+            if (in_array($requestHeaders['Origin'], $this->cors['Origin'], true)) {
                 $responseHeaders['Access-Control-Allow-Origin'] = $requestHeaders['Origin'];
             }
 
-            if (in_array('*', $this->cors['Origin'])) {
-                // Per CORS standard(https://fetch.spec.whatwg.org), wildcard origins shouldn't be used together with credentails.
+            if (in_array('*', $this->cors['Origin'], true)) {
+                // Per CORS standard(https://fetch.spec.whatwg.org), wildcard origins shouldn't be used together with credentials
                 if (isset($this->cors['Access-Control-Allow-Credentials']) && $this->cors['Access-Control-Allow-Credentials']) {
                     if (YII_DEBUG) {
                         throw new Exception("Allowing credentials for wildcard origins is insecure. Please specify more restrictive origins or set 'credentials' to false in your CORS configuration.");