los / los-cors
PHP CORS middleware
Installs: 6 087
Dependents: 0
Suggesters: 0
Security: 0
Stars: 1
Watchers: 3
Forks: 2
Open Issues: 0
Requires
- php: ^8.1
- laminas/laminas-diactoros: ^3.0
- neomerx/cors-psr7: ^1.0
- psr/container: ^1.0
- psr/http-message: ^1.0
- psr/http-server-middleware: ^1.0
Requires (Dev)
- laminas/laminas-coding-standard: ^2.5
- phpstan/phpstan: ^1.10
- squizlabs/php_codesniffer: ^3.6
README
This middleware handles CORS requests and adds cors headers
Installation
This middleware can be installed with composer.
$ composer require los/los-cors
Usage
Include the Los\Cors\CorsMiddleware
and it's factory Los\Cors\CorsMiddlewareFactory
to your pipeline and use the configuration bellow.
/** * Set the list of allowed origins domain with protocol. * For example: * 'allowed_origins' => ['http://www.mysite.com','https://api.mysite.com'], */ 'allowed_origins' => ['*'], /** * Set the list of HTTP verbs. */ 'allowed_methods' => ['GET', 'OPTIONS'], /** * Set the list of allowed headers. This is returned in the preflight request to indicate * which HTTP headers can be used when making the actual request */ 'allowed_headers' => ['Authorization', 'Accept', 'Content-Type'], /** * Set the max age of the preflight request in seconds. A non-zero max age means * that the preflight will be cached during this amount of time */ 'max_age' => 120, /** * Set the list of exposed headers. This is a whitelist that authorize the browser * to access to some headers using the getResponseHeader() JavaScript method. Please * note that this feature is buggy and some browsers do not implement it correctly */ 'expose_headers' => [], /** * Standard CORS requests do not send or set any cookies by default. For this to work, * the client must set the XMLHttpRequest's "withCredentials" property to "true". For * this to work, you must set this option to true so that the server can serve * the proper response header. */ 'allowed_credentials' => false,
Laminas / Mezzio
If you are using mezzio-skeleton, you can copy config/los-cors.global.php.dist
to config/autoload/los-cors.global.php
and modify the configuration as needed.