gokure / hyperf-cors
Adds CORS (Cross-Origin Resource Sharing) headers support in your Hyperf application.
Installs: 32 980
Dependents: 0
Suggesters: 0
Security: 0
Stars: 10
Watchers: 3
Forks: 3
Open Issues: 0
Requires
- php: >=8.0
- hyperf/di: ~3.0.0 || ~3.1.0
- hyperf/http-server: ~3.0.0 || ~3.1.0
Requires (Dev)
- friendsofphp/php-cs-fixer: ~3.16.0
- hyperf/config: ~3.0.0 || ~3.1.0
- hyperf/testing: ~3.0.0 || ~3.1.0
- hyperf/validation: ~3.0.0 || ~3.1.0
- mockery/mockery: ^1.6
- phpstan/phpstan: ^1.10
README
Implements fruitcake/laravel-cors for Hyperf.
Features
- Handles CORS pre-flight OPTIONS requests
- Adds CORS headers to your responses
- Match routes to only add CORS to certain Requests
Installation
Require the gokure/hyperf-cors package in your composer.json and update your dependencies:
composer require gokure/hyperf-cors
Global usage
To allow CORS for all your routes, add the CorsMiddleware middleware at the top of the property of config/autoload/middlewares.php file and set the paths property in the config (see Configuration below):
'http' => [ \Gokure\HyperfCors\CorsMiddleware::class, ... ],
Configuration
The defaults are set in config/autoload/cors.php. Publish the config to copy the file to your own config:
php bin/hyperf.php vendor:publish gokure/hyperf-cors
Note: When using custom headers, like
X-Auth-TokenorX-Requested-With, you must set theallowed_headersto include those headers. You can also set it to['*']to allow all custom headers.
Note: If you are explicitly whitelisting headers, you must include
Originor requests will fail to be recognized as CORS.
Options
allowed_origins, allowed_headers and allowed_methods can be set to ['*'] to accept any value.
Note: For
allowed_originsyou must include the scheme when not using a wildcard, e.g.['http://example.com', 'https://example.com']. You must also take into account that the scheme will be present when usingallowed_origins_patterns.
License
Released under the MIT License, see LICENSE.