asm89/stack-cors
's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.Name | Version | Size | License | Type | Vulnerabilities |
---|---|---|---|---|---|
symfony/http-foundation | v6.4.7 | - | MIT | prod dev | |
symfony/http-kernel | v6.4.7 | - | MIT | prod dev |
Asm89/Stack-CORS is a PHP library and middleware that enables Cross-Origin Resource Sharing (CORS) for your HTTP applications. In detail, it tries to implement the W3C's CORS recommendation, thereby allowing web applications running on one origin to access selected resources from a different origin. This plays an exemplary role in boosting web applications' security accompanied by the relaxation in accessing data from different origins.
Asm89/Stack-CORS is conveniently usable as either a library or a stack middleware. Installation is simple using Composer with asm89/stack-cors
.
To start using it as a library, you can make use of the CorsService
class and define your CORS settings. Here is an example:
use Asm89\Stack\CorsService;
$cors = new CorsService([
'allowedHeaders' => ['x-allowed-header', 'x-other-allowed-header'],
'allowedMethods' => ['DELETE', 'GET', 'POST', 'PUT'],
'allowedOrigins' => ['http://localhost'],
'allowedOriginsPatterns' => ['/localhost:\d/'],
'exposedHeaders' => false,
'maxAge' => false,
'supportsCredentials' => false,
]);
// assigning actual request headers
$cors->addActualRequestHeaders(Response $response, $origin);
// handling preflight request
$cors->handlePreflightRequest(Request $request);
// approving actual request
$cors->isActualRequestAllowed(Request $request);
// checking CORS request
$cors->isCorsRequest(Request $request);
// handling preflight request
$cors->isPreflightRequest(Request $request);
Similarly, to use it as a stack middleware:
use Asm89\Stack\Cors;
$app = new Cors($app, [
'allowedHeaders' => ['x-allowed-header', 'x-other-allowed-header'],
'allowedMethods' => ['DELETE', 'GET', 'POST', 'PUT'],
'allowedOrigins' => ['localhost'],
'allowedOriginsPatterns' => ['/localhost:\d/'],
'exposedHeaders' => false,
'maxAge' => false,
'supportsCredentials' => false,
]);
Remember that configurations like 'allowedHeaders', 'allowedMethods', and 'allowedOrigins', accept an array value including '*' to allow any headers, methods, or requests from any origin respectively.
For more detailed and technical documentation on asm89/stack-cors, you can refer to the README on the official GitHub repository. The documentation contains comprehensive guidelines about installation, usage, and options that you can set. Additionally, it provides useful examples to illustrate how to work with the library and the stack middleware.