Mercurial > hg > isophonics-drupal-site

annotate vendor/asm89/stack-cors/README.md @ 19:fa3358dc1485 tip

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Add ndrum files
author Chris Cannam
date Wed, 28 Aug 2019 13:14:47 +0100
parents 7a779792577d
children
rev   line source
Chris@0 1 # Stack/Cors
Chris@0 2
Chris@0 3 Library and middleware enabling cross-origin resource sharing for your
Chris@0 4 http-{foundation,kernel} using application. It attempts to implement the
Chris@0 5 [W3C Recommendation] for cross-origin resource sharing.
Chris@0 6
Chris@0 7 [W3C Recommendation]: http://www.w3.org/TR/cors/
Chris@0 8
Chris@0 9 Master [![Build Status](https://secure.travis-ci.org/asm89/stack-cors.png?branch=master)](http://travis-ci.org/asm89/stack-cors)
Chris@0 10
Chris@0 11 ## Installation
Chris@0 12
Chris@0 13 Require `asm89/stack-cors` using composer.
Chris@0 14
Chris@0 15 ## Usage
Chris@0 16
Chris@0 17 This package can be used as a library or as [stack middleware].
Chris@0 18
Chris@0 19 [stack middleware]: http://stackphp.com/
Chris@0 20
Chris@12 21 ### Options
Chris@12 22
Chris@12 23 | Option | Description | Default value |
Chris@12 24 |------------------------|------------------------------------------------------------|---------------|
Chris@12 25 | allowedMethods | Matches the request method. | `array()` |
Chris@12 26 | allowedOrigins | Matches the request origin. | `array()` |
Chris@12 27 | allowedOriginsPatterns | Matches the request origin with `preg_match`. | `array()` |
Chris@12 28 | allowedHeaders | Sets the Access-Control-Allow-Headers response header. | `array()` |
Chris@12 29 | exposedHeaders | Sets the Access-Control-Expose-Headers response header. | `false` |
Chris@12 30 | maxAge | Sets the Access-Control-Max-Age response header. | `false` |
Chris@12 31 | supportsCredentials | Sets the Access-Control-Allow-Credentials header. | `false` |
Chris@12 32
Chris@12 33 The _allowedMethods_ and _allowedHeaders_ options are case-insensitive.
Chris@12 34
Chris@12 35 You don't need to provide both _allowedOrigins_ and _allowedOriginsPatterns_. If one of the strings passed matches, it is considered a valid origin.
Chris@12 36
Chris@12 37 If `array('*')` is provided to _allowedMethods_, _allowedOrigins_ or _allowedHeaders_ all methods / origins / headers are allowed.
Chris@12 38
Chris@0 39 ### Example: using the library
Chris@0 40
Chris@0 41 ```php
Chris@0 42 <?php
Chris@0 43
Chris@0 44 use Asm89\Stack\CorsService;
Chris@0 45
Chris@0 46 $cors = new CorsService(array(
Chris@12 47 'allowedHeaders' => array('x-allowed-header', 'x-other-allowed-header'),
Chris@12 48 'allowedMethods' => array('DELETE', 'GET', 'POST', 'PUT'),
Chris@12 49 'allowedOrigins' => array('localhost'),
Chris@12 50 'allowedOriginsPatterns' => array('/localhost:\d/'),
Chris@12 51 'exposedHeaders' => false,
Chris@12 52 'maxAge' => false,
Chris@12 53 'supportsCredentials' => false,
Chris@0 54 ));
Chris@0 55
Chris@0 56 $cors->addActualRequestHeaders(Response $response, $origin);
Chris@0 57 $cors->handlePreflightRequest(Request $request);
Chris@0 58 $cors->isActualRequestAllowed(Request $request);
Chris@0 59 $cors->isCorsRequest(Request $request);
Chris@0 60 $cors->isPreflightRequest(Request $request);
Chris@0 61 ```
Chris@0 62
Chris@0 63 ## Example: using the stack middleware
Chris@0 64
Chris@0 65 ```php
Chris@0 66 <?php
Chris@0 67
Chris@0 68 use Asm89\Stack\Cors;
Chris@0 69
Chris@0 70 $app = new Cors($app, array(
Chris@0 71 // you can use array('*') to allow any headers
Chris@0 72 'allowedHeaders' => array('x-allowed-header', 'x-other-allowed-header'),
Chris@0 73 // you can use array('*') to allow any methods
Chris@0 74 'allowedMethods' => array('DELETE', 'GET', 'POST', 'PUT'),
Chris@0 75 // you can use array('*') to allow requests from any origin
Chris@0 76 'allowedOrigins' => array('localhost'),
Chris@12 77 // you can enter regexes that are matched to the origin request header
Chris@12 78 'allowedOriginsPatterns' => array('/localhost:\d/'),
Chris@0 79 'exposedHeaders' => false,
Chris@0 80 'maxAge' => false,
Chris@0 81 'supportsCredentials' => false,
Chris@0 82 ));
Chris@0 83 ```