Download the PHP package splashlab/magento-2-cors-requests without Composer
On this page you can find all versions of the php package splashlab/magento-2-cors-requests. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download splashlab/magento-2-cors-requests
More information about splashlab/magento-2-cors-requests
Files in splashlab/magento-2-cors-requests
Package magento-2-cors-requests
Short Description Enabling cross-origin resource sharing (CORS) requests to Magento 2 API from configured Origin domain
License OSL-3.0 AFL-3.0
Homepage https://github.com/splashlab/magento-2-cors-requests
FAQ
Example:
In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
- Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
- To use Composer is sometimes complicated. Especially for beginners.
- Composer needs much resources. Sometimes they are not available on a simple webspace.
- If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
- Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Informations about the package magento-2-cors-requests
Magento 2 CORS Cross-Domain Requests by SplashLab
This module allows you to enable Cross-Origin Resource Sharing (CORS) REST API requests in Magento 2 by adding the appropriate HTTP headers and handling the pre-flight OPTIONS requests.
This can be used to allow AJAX and other requests to the Magento 2 REST API from another domain (or subdomain).
How to install
1. via composer
Edit composer.json
2. Copy and paste
Download latest version from GitHub
Paste into app/code/SplashLab/CorsRequests directory
3. Update Origin URL
In Stores -> Configuration, go to General -> Web -> CORS Requests Configuration.
Then edit the the CORS Origin Url field to the domain you want to enable cross-domain requests from. (i.e. http://example.com)
How does it work?
The full implementation of CORS cross-domain HTTP requests is outside the scope of this README, but this is what this module does:
- Allows onfigureing an Origin Url in the Admin Configuration area - this is the domain which cross-domain requests are permitted from
- This domain is added to a
Access-Control-Allow-Originresponse HTTP header - Optionally you can enable the
Access-Control-Allow-Credentialsheader as well, to enable passing cookies
For non-GET and non-standard-POST requests (i.e. PUT and DELETE), the "pre-flight check" OPTIONS request is handled by:
- An empty
/V1/cors/checkAPI response with the appropriate headers: Access-Control-Allow-Methodsresponse header, which mirrors theAccess-Control-Request-Methodrequest headerAccess-Control-Allow-Headersresponse header, which mirrors theAccess-Control-Request-Headersrequest header
Alternative Solutions
You can also manage these CORS headers with Apache and Nginx rules, instead of using this extension:
- https://community.magento.com/t5/Magento-2-Feature-Requests-and/API-CORS-requests-will-fail-without-OPTIONS-reponse/idi-p/60551
- https://stackoverflow.com/questions/35174585/how-to-add-cors-cross-origin-policy-to-all-domains-in-nginx
But I created this extension to allow you to configure the Origin domain the Admin Configuration, and to avoid having to create and manage special server configuration.
CORS Cross-Domain Request References
- https://en.wikipedia.org/wiki/Cross-origin_resource_sharing
- https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS
- https://www.html5rocks.com/en/tutorials/cors/
- https://stackoverflow.com/questions/29954037/how-to-disable-options-request
- https://stackoverflow.com/questions/12320467/jquery-cors-content-type-options
- https://github.com/magento/magento2/issues/8399
