Search by 
timeshow / laravel-cors
laravel-cors for laravel
v0.3.2
2023-11-22 01:07 UTC
Requires
- php: ^8.0 | ^8.1
- fruitcake/php-cors: ^1.2
- illuminate/contracts: ^9.0 | ^10.0
- illuminate/support: ^9.0 | ^10.0
Requires (Dev)
- laravel/framework: ^9.0 | ^10.0
- phpunit/phpunit: ^9.0 | ^10.0
README
CORS Middleware for Laravel
Version Compatibility
| Laravel | Package |
|---|---|
| 9.0 | 0.1.0 |
| 10.0 | last version |
Install
Via Composer
composer remove barryvdh/laravel-cors timeshow/laravel-cors
composer require timeshow/laravel-cors
Global usage
To allow CORS for all your routes, add the HandleCors middleware at the top of the $middleware property of app/Http/Kernel.php class:
protected $middleware = [ \TimeShow\Cors\HandleCors::class, // ... ];
Configuration
The defaults are set in config/cors.php. Publish the config to copy the file to your own config:
php artisan vendor:publish --tag="cors"
Now update the config to define the paths you want to run the CORS service on, (see Configuration below):
'paths' => ['api/*', 'admin/*'],
Options
| Option | Description | Default value |
|---|---|---|
| paths | You can enable CORS for 1 or multiple paths, eg. ['api/*'] |
[] |
| allowed_methods | Matches the request method. | ['*'] |
| allowed_origins | Matches the request origin. Wildcards can be used, eg. *.mydomain.com or mydomain.com:* |
['*'] |
| allowed_origins_patterns | Matches the request origin with preg_match. |
[] |
| allowed_headers | Sets the Access-Control-Allow-Headers response header. | ['*'] |
| exposed_headers | Sets the Access-Control-Expose-Headers response header. | [] |
| max_age | Sets the Access-Control-Max-Age response header. | 0 |
| supports_credentials | Sets the Access-Control-Allow-Credentials header. | false |
allowed_origins, allowed_headers and allowed_methods can be set to ['*'] to accept any value. |