Etusivu Tutki Apua
Rekisteröidy Kirjaudu sisään
musa
/
Travelsystem_Laravel11
1
0
Fork 0
Tiedostot Ongelmat 0 Pull-pyynnöt 0 Wiki
Puu: c4b5a2c1ef
Haarat Tagit
Travelsystem_La...
/
vendor
/
fruitcake
/
php-cors
Musa 4547782a4a first commit 10 kuukautta sitten
..
src 4547782a4a first commit 10 kuukautta sitten
LICENSE 4547782a4a first commit 10 kuukautta sitten
README.md 4547782a4a first commit 10 kuukautta sitten
composer.json 4547782a4a first commit 10 kuukautta sitten

README.md

CORS for PHP (using the Symfony HttpFoundation)

Unit Tests PHPStan Level 9 Code Coverage Packagist License Latest Stable Version Total Downloads Fruitcake

Library and middleware enabling cross-origin resource sharing for your http-{foundation,kernel} using application. It attempts to implement the W3C Recommendation for cross-origin resource sharing.

Note: This is a standalone fork of https://github.com/asm89/stack-cors and is compatible with the options for CorsService.

Installation

Require fruitcake/php-cors using composer.

Usage

This package can be used as a library. You can use it in your framework using:

Options

Option Description Default value
allowedMethods Matches the request method. []
allowedOrigins Matches the request origin. []
allowedOriginsPatterns Matches the request origin with preg_match. []
allowedHeaders Sets the Access-Control-Allow-Headers response header. []
exposedHeaders Sets the Access-Control-Expose-Headers response header. []
maxAge Sets the Access-Control-Max-Age response header. 0
supportsCredentials Sets the Access-Control-Allow-Credentials header. false

The allowedMethods and allowedHeaders options are case-insensitive.

You don't need to provide both allowedOrigins and allowedOriginsPatterns. If one of the strings passed matches, it is considered a valid origin. A wildcard in allowedOrigins will be converted to a pattern.

If ['*'] is provided to allowedMethods, allowedOrigins or allowedHeaders all methods / origins / headers are allowed.

Note: Allowing a single static origin will improve cacheability.

Example: using the library

<?php

use Fruitcake\Cors\CorsService;

$cors = new CorsService([
    'allowedHeaders'         => ['x-allowed-header', 'x-other-allowed-header'],
    'allowedMethods'         => ['DELETE', 'GET', 'POST', 'PUT'],
    'allowedOrigins'         => ['http://localhost', 'https://*.example.com'],
    'allowedOriginsPatterns' => ['/localhost:\d/'],
    'exposedHeaders'         => ['Content-Encoding'],
    'maxAge'                 => 0,
    'supportsCredentials'    => false,
]);

$cors->addActualRequestHeaders(Response $response, $origin);
$cors->handlePreflightRequest(Request $request);
$cors->isActualRequestAllowed(Request $request);
$cors->isCorsRequest(Request $request);
$cors->isPreflightRequest(Request $request);

License

Released under the MIT License, see LICENSE.

This package is split-off from https://github.com/asm89/stack-cors and developed as stand-alone library since 2022