|
Chris@0
|
1 # Stack/Cors
|
|
Chris@0
|
2
|
|
Chris@0
|
3 Library and middleware enabling cross-origin resource sharing for your
|
|
Chris@0
|
4 http-{foundation,kernel} using application. It attempts to implement the
|
|
Chris@0
|
5 [W3C Recommendation] for cross-origin resource sharing.
|
|
Chris@0
|
6
|
|
Chris@0
|
7 [W3C Recommendation]: http://www.w3.org/TR/cors/
|
|
Chris@0
|
8
|
|
Chris@0
|
9 Master [](http://travis-ci.org/asm89/stack-cors)
|
|
Chris@0
|
10
|
|
Chris@0
|
11 ## Installation
|
|
Chris@0
|
12
|
|
Chris@0
|
13 Require `asm89/stack-cors` using composer.
|
|
Chris@0
|
14
|
|
Chris@0
|
15 ## Usage
|
|
Chris@0
|
16
|
|
Chris@0
|
17 This package can be used as a library or as [stack middleware].
|
|
Chris@0
|
18
|
|
Chris@0
|
19 [stack middleware]: http://stackphp.com/
|
|
Chris@0
|
20
|
|
Chris@0
|
21 ### Example: using the library
|
|
Chris@0
|
22
|
|
Chris@0
|
23 ```php
|
|
Chris@0
|
24 <?php
|
|
Chris@0
|
25
|
|
Chris@0
|
26 use Asm89\Stack\CorsService;
|
|
Chris@0
|
27
|
|
Chris@0
|
28 $cors = new CorsService(array(
|
|
Chris@0
|
29 'allowedHeaders' => array('x-allowed-header', 'x-other-allowed-header'),
|
|
Chris@0
|
30 'allowedMethods' => array('DELETE', 'GET', 'POST', 'PUT'),
|
|
Chris@0
|
31 'allowedOrigins' => array('localhost'),
|
|
Chris@0
|
32 'exposedHeaders' => false,
|
|
Chris@0
|
33 'maxAge' => false,
|
|
Chris@0
|
34 'supportsCredentials' => false,
|
|
Chris@0
|
35 ));
|
|
Chris@0
|
36
|
|
Chris@0
|
37 $cors->addActualRequestHeaders(Response $response, $origin);
|
|
Chris@0
|
38 $cors->handlePreflightRequest(Request $request);
|
|
Chris@0
|
39 $cors->isActualRequestAllowed(Request $request);
|
|
Chris@0
|
40 $cors->isCorsRequest(Request $request);
|
|
Chris@0
|
41 $cors->isPreflightRequest(Request $request);
|
|
Chris@0
|
42 ```
|
|
Chris@0
|
43
|
|
Chris@0
|
44 ## Example: using the stack middleware
|
|
Chris@0
|
45
|
|
Chris@0
|
46 ```php
|
|
Chris@0
|
47 <?php
|
|
Chris@0
|
48
|
|
Chris@0
|
49 use Asm89\Stack\Cors;
|
|
Chris@0
|
50
|
|
Chris@0
|
51 $app = new Cors($app, array(
|
|
Chris@0
|
52 // you can use array('*') to allow any headers
|
|
Chris@0
|
53 'allowedHeaders' => array('x-allowed-header', 'x-other-allowed-header'),
|
|
Chris@0
|
54 // you can use array('*') to allow any methods
|
|
Chris@0
|
55 'allowedMethods' => array('DELETE', 'GET', 'POST', 'PUT'),
|
|
Chris@0
|
56 // you can use array('*') to allow requests from any origin
|
|
Chris@0
|
57 'allowedOrigins' => array('localhost'),
|
|
Chris@0
|
58 'exposedHeaders' => false,
|
|
Chris@0
|
59 'maxAge' => false,
|
|
Chris@0
|
60 'supportsCredentials' => false,
|
|
Chris@0
|
61 ));
|
|
Chris@0
|
62 ```
|
