phpnexus/cors

Provides a reusable framework-agnostic CORS class.

0.3.4 2023-02-20 07:59 UTC

This package is auto-updated.

Last update: 2024-11-20 11:50:50 UTC


README

Latest Version Build Status Software License

Provides a lightweight, extensible, framework-agnostic CORS class.

You probably want to check these specific implementations for easy installation

Installation

It's recommended that you use Composer to install Cors:

$ composer require phpnexus/cors

This package requires PHP 7.4 or 8.1.

Usage

TODO

Configuration

Allow-Methods

Default: []

An array of allowed HTTP methods. These names are case-sensitive.

Example: ['GET', 'POST']

Allow-Headers

Default: []

Example: ['Content-Type']

Allow-Origins

Default: []

An array of allowed origins, in the form scheme://hostname.

Example: ['http://example.com', 'https://example.com']

This is not a replacement for proper access control measures.

Note: An asterisk (*) can also be used to allow any origin, but as per the specification the asterisk (*) cannot be used when Allow-Credentials is true.

Allow-Credentials

Default: false

Use true to allow cookies to be sent with the request.

Note: Cannot be true when the Allow-Origin contains "*".

Expose-Headers

Default: []

Max-Age

Default: 0 (no cache)

Number of seconds to cache the preflight response.

Roadmap

  • Benchmarks

Versioning

The packages adheres to the SemVer specification, and there will be full backward compatibility between minor versions.

Contributing

Please see CONTRIBUTING for details.

License

This package is released under the Apache 2.0 License. See the bundled LICENSE file for details.