zooxsmart / los-cors
PHP CORS middleware
1.0.1
2023-11-08 08:26 UTC
Requires
- php: ^8.2
- laminas/laminas-diactoros: ^3.3
- neomerx/cors-psr7: ^3.0
- psr/container: ^1.0 || ^2.0
- psr/http-message: ^1.0
- psr/http-server-middleware: ^1.0
Requires (Dev)
- laminas/laminas-coding-standard: ^2.5
- phpstan/phpstan: ^1.10.39
- squizlabs/php_codesniffer: ^3.7.2
This package is auto-updated.
Last update: 2024-12-08 11:11:13 UTC
README
This middleware handles CORS requests and adds cors headers
Installation
This middleware can be installed with composer.
$ composer require los/los-cors
Usage
Include the Los\Cors\CorsMiddleware
and it's factory Los\Cors\CorsMiddlewareFactory
to your pipeline and use the configuration bellow.
/** * Set the list of allowed origins domain with protocol. * For example: * 'allowed_origins' => ['http://www.mysite.com','https://api.mysite.com'], */ 'allowed_origins' => ['*'], /** * Set the list of HTTP verbs. */ 'allowed_methods' => ['GET', 'OPTIONS'], /** * Set the list of allowed headers. This is returned in the preflight request to indicate * which HTTP headers can be used when making the actual request */ 'allowed_headers' => ['Authorization', 'Accept', 'Content-Type'], /** * Set the max age of the preflight request in seconds. A non-zero max age means * that the preflight will be cached during this amount of time */ 'max_age' => 120, /** * Set the list of exposed headers. This is a whitelist that authorize the browser * to access to some headers using the getResponseHeader() JavaScript method. Please * note that this feature is buggy and some browsers do not implement it correctly */ 'expose_headers' => [], /** * Standard CORS requests do not send or set any cookies by default. For this to work, * the client must set the XMLHttpRequest's "withCredentials" property to "true". For * this to work, you must set this option to true so that the server can serve * the proper response header. */ 'allowed_credentials' => false,
Laminas / Mezzio
If you are using mezzio-skeleton, you can copy config/los-cors.global.php.dist
to config/autoload/los-cors.global.php
and modify the configuration as needed.