nelmio/cors-bundle
's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.Name | Version | Size | License | Type | Vulnerabilities |
---|---|---|---|---|---|
psr/log | 3.0.0 | 6.77 kB | MIT | prod dev | |
symfony/framework-bundle | v7.0.7 | - | MIT | prod |
The NelmioCorsBundle package essentially enables Cross-Origin Resource Sharing (CORS) headers support in your Symfony PHP application. This is key for allowing secure cross-domain data transfers, with an emphasis on building API-based infrastructure that's compatible with AJAX calls in web applications.
You can integrate and use the nelmio/cors-bundle in your Symfony application in the following way:
Firstly, install the package via Composer. If you're using Symfony Flex, you can run:
composer req cors
For non-Symfony Flex use, require the nelmio/cors-bundle
in your composer.json
and update your dependencies:
$ composer require nelmio/cors-bundle
Then, add the NelmioCorsBundle to your application's kernel:
public function registerBundles()
{
$bundles = [
// ...
new Nelmio\CorsBundle\NelmioCorsBundle(),
// ...
];
// ...
}
Next, Symfony Flex generates a default configuration in config/packages/nelmio_cors.yaml
. You can customize the CORS settings for paths and allowed headers and methods. An example configuration:
nelmio_cors:
defaults:
allow_origin: ['*']
allow_headers: ['X-Custom-Auth']
allow_methods: ['POST', 'PUT', 'GET', 'DELETE']
max_age: 3600
paths:
'^/api/':
allow_origin: ['*']
allow_headers: ['X-Custom-Auth']
allow_methods: ['POST', 'PUT', 'GET', 'DELETE']
max_age: 3600
Here, CORS requests from any origin are allowed on /api/
, with some methods defined as allowed. Preflight requests can be cached for 3600 seconds.
The documentation for the nelmio/cors-bundle lives in the README file on the GitHub repository (https://github.com/nelmio/NelmioCorsBundle), where you can find information about the package's features, installation instructions, configuration guidance, and a cookbook section on how to handle specific use cases.