Download the PHP package gokure/hyperf-cors without Composer
On this page you can find all versions of the php package gokure/hyperf-cors. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Informations about the package hyperf-cors
CORS Middleware for Hyperf
Implements fruitcake/laravel-cors for Hyperf.
Features
- Handles CORS pre-flight OPTIONS requests
- Adds CORS headers to your responses
- Match routes to only add CORS to certain Requests
Installation
Require the gokure/hyperf-cors
package in your composer.json
and update your dependencies:
Global usage
To allow CORS for all your routes, add the CorsMiddleware
middleware at the top of the property of config/autoload/middlewares.php
file and set the paths
property in the config (see Configuration below):
Configuration
The defaults are set in config/autoload/cors.php
. Publish the config to copy the file to your own config:
Note: When using custom headers, like
X-Auth-Token
orX-Requested-With
, you must set theallowed_headers
to include those headers. You can also set it to['*']
to allow all custom headers.Note: If you are explicitly whitelisting headers, you must include
Origin
or requests will fail to be recognized as CORS.
Options
Option | Description | Default value |
---|---|---|
paths | You can enable CORS for 1 or multiple paths, eg. ['api/*'] |
[] |
allowed_origins | Matches the request origin. Wildcards can be used, eg. *.mydomain.com or mydomain.com:* |
['*'] |
allowed_origins_patterns | Matches the request origin with preg_match . |
[] |
allowed_methods | Matches the request method. | ['*'] |
allowed_headers | Sets the Access-Control-Allow-Headers response header. | ['*'] |
exposed_headers | Sets the Access-Control-Expose-Headers response header. | false |
max_age | Sets the Access-Control-Max-Age response header. | 0 |
supports_credentials | Sets the Access-Control-Allow-Credentials header. | false |
allowed_origins
, allowed_headers
and allowed_methods
can be set to ['*']
to accept any value.
Note: For
allowed_origins
you must include the scheme when not using a wildcard, e.g.['http://example.com', 'https://example.com']
. You must also take into account that the scheme will be present when usingallowed_origins_patterns
.
License
Released under the MIT License, see LICENSE.
All versions of hyperf-cors with dependencies
hyperf/di Version ~3.0.0 || ~3.1.0
hyperf/http-server Version ~3.0.0 || ~3.1.0