pagemachine/cors

This package is abandoned and no longer maintained. No replacement package was suggested.

Cross Origin Resource Sharing for TYPO3 CMS.

Maintainers

Details

github.com/pagemachine/cors

Source

Issues

Installs: 3 838

Dependents: 0

Suggesters: 0

Security: 0

Stars: 8

Watchers: 5

Forks: 2

Open Issues: 0

Type:typo3-cms-extension

2.0.6 2018-05-11 08:05 UTC

Requires

Requires (Dev)

Replaces

  • cors: 2.0.6
  • typo3-ter/cors: 2.0.6

GPL-3.0-or-later 0dfe32ed310c4405c29ae02fb3f3b4d9c1c36d95

  • Mathias Brodala <mbrodala.woop@pagemachine.de>

corstypo3

This package is auto-updated.

Last update: 2021-12-22 07:09:55 UTC

README

Cross Origin Resource Sharing for TYPO3

Installation

This extension is installable from various sources:

  1. Via Composer:

     composer require pagemachine/cors

  2. From the TYPO3 Extension Repository

  3. From Github

Configuration

All configuration options can be set via TypoScript setup in config.cors or per page object in page.config.cors. The following options are available:

Option Type Description
allowCredentials int/boolean Processing of the credentials flag
allowHeaders string List of allowed headers (X-Foo, ...), simple headers are always allowed
allowMethods string List of allowed methods (PUT, DELETE, ...), simple methods are always allowed
allowOrigin string List of allowed origins
allowOrigin.pattern string Regular expression for matching origins, make sure to escape as necessary
exposeHeaders string List of headers exposed to clients
maxAge int Cache lifetime of preflight requests, watch out for browser limits

Note that all options support stdWrap processing through their .stdWrap property.

Examples

  • Origin wildcarding:

      config.cors {
    allowOrigin = *
  }

  • Simple list of origins:

      config.cors {
    allowOrigin = http://example.org, http://example.com
    // More readable version
    allowOrigin (
      http://example.org,
      http://example.com
    )
  }

  • Matching origins via regular expressions:

      config.cors {
    allowOrigin.pattern = https?://example\.(org|com)
  }

  • Allow specific methods:

      config.cors {
    allowMethods = GET, POST, PUT, DELETE
  }

  • Allow headers:

      config.cors {
    allowHeaders = (
      Content-Type,
      ...
    )
  }

  • Allow credential flag processing:

      config.cors {
    // Set to 1/true to enable
    allowCredentials = 1
  }

  • Expose headers:

     config.cors {
   exposeHeaders (
     X-My-Custom-Header,
     X-Another-Custom-Header
   )
 }

  • Set maximum age of preflight request result:

      config.cors {
    // 10 minutes
    maxAge = 600
  }

  • Set maximum age via some stdWrap processing:

      config.cors {
    maxAge.stdWrap.cObject = TEXT
    maxAge.stdWrap.cObject {
      value = 600
    }
  }

Issues

Found a bug? Need a feature? Let us know through our issue tracker.

Testing

All tests can be executed with the shipped Docker Compose definition:

docker-compose run --rm app composer build