Skip to content

Latest commit

 

History

History
110 lines (76 loc) · 3.39 KB

README.md

File metadata and controls

110 lines (76 loc) · 3.39 KB

Project Management Scrutinizer Code Quality Code Coverage Build Status HHVM License

Description

This package adds Cross-Origin Resource Sharing (CORS) support to your Laravel application.

The package is based on Framework agnostic (PSR-7) CORS implementation.

Install

composer require neomerx/cors-illuminate

Add to your applications CORS provider by adding the following line to your config/app.php file

<?php

return [

    ...

    'providers' => [

        ...

        \Neomerx\CorsIlluminate\Providers\LaravelServiceProvider::class,

    ],
    
    ...

];

Add CORS middleware to your HTTP stack at app/Http/Kernel.php file. The middleware should be added to $middleware list which is executed for all routes (even non declared in your routes file). Preferably before 'heavy' middleware for performance reasons.

class Kernel extends HttpKernel
{
    ...

    protected $middleware = [
        \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
        \Neomerx\CorsIlluminate\CorsMiddleware::class, // <== add this line
        
        ...
    ];
    
    ...
}

Then you will configure CORS. Firstly create a config file by executing

php artisan vendor:publish --provider="Neomerx\CorsIlluminate\Providers\LaravelServiceProvider"

it will create config/cors-illuminate.php file in you application.

This file is extensively commented so it will be easy for you to set up it for your needs. First settings you need to configure are server origin (URL) and allowed origins

    ...
    
    /**
     * Could be string or array. If specified as array (recommended for
     * better performance) it should be in parse_url() result format.
     */
    Settings::KEY_SERVER_ORIGIN => [
        'scheme' => 'http',
        'host'   => 'localhost',
        'port'   => 1337,
    ],

    /**
     * A list of allowed request origins (lower-cased, no trail slashes).
     * Value `true` enables and value `null` disables origin.
     * If value is not on the list it is considered as not allowed.
     * Environment variables could be used for enabling/disabling certain hosts.
     */
    Settings::KEY_ALLOWED_ORIGINS => [
        'http://localhost:4200' => true,
    ],
    
    ...

Testing

composer test

Contributing

Pull requests for documentation and code improvements (PSR-2, tests) are welcome.

Versioning

This package is using Semantic Versioning.

License

Apache License (Version 2.0). Please see License File for more information.