rabp99/cakephp-cors
Composer 安装命令:
composer require rabp99/cakephp-cors
包简介
A CakePHP 4 plugin for activate cors domain in your application
README 文档
README
A CakePHP (4+) plugin for activate cors domain in your application with Middleware.
For cake 3.3+ use branch cake-3
Requirements
- PHP version 7.2 or higher
- CakePhp 4.0 or higher
Installation
You can install this plugin into your CakePHP application using composer.
The recommended way to install composer packages is:
composer require rabp99/cakephp-cors
Quick Start
Loading the Plugin
// In src/Application.php public function bootstrap(): void { // code ... $this->addPlugin('Cors'); }
By default the plugin authorize cors for all origins, all methods and all headers and caches all for one day.
Configuration
Default configuration
<?php [ 'AllowOrigin' => true, // accept all origin 'AllowCredentials' => true, 'AllowMethods' => ['GET', 'POST', 'PUT', 'PATCH', 'DELETE'], // accept all HTTP methods 'AllowHeaders' => true, // accept all headers 'ExposeHeaders' => false, // don't accept personal headers 'MaxAge' => 86400, // cache for 1 day 'exceptionRenderer' => 'Cors\Error\AppExceptionRenderer', // Use ExeptionRenderer class of plugin
Change config
In app.php add :
'Cors' => [ // My Config ]
AllowOrigin (Access-Control-Allow-Origin)
A returned resource may have one Access-Control-Allow-Origin header, with the following syntax:
'Cors' => [ // Accept all origins 'AllowOrigin' => true, // OR 'AllowOrigin' => '*', // Accept one origin 'AllowOrigin' => 'http://flavienbeninca.fr' // Accept many origins 'AllowOrigin' => ['http://flavienbeninca.fr', 'http://google.com'] ]
AllowCredentials (Access-Control-Allow-Credentials)
The Access-Control-Allow-Credentials header Indicates whether or not the response to the request can be exposed when the credentials flag is true. When used as part of a response to a preflight request, this indicates whether or not the actual request can be made using credentials. Note that simple GET requests are not preflighted, and so if a request is made for a resource with credentials, if this header is not returned with the resource, the response is ignored by the browser and not returned to web content.
'Cors' => [ 'AllowCredentials' => true, // OR 'AllowCredentials' => false, ]
AllowMethods (Access-Control-Allow-Methods)
'Cors' => [ // string 'AllowMethods' => 'POST', // OR array 'AllowMethods' => ['GET', 'POST'], ]
AllowHeaders (Access-Control-Allow-Headers)
The Access-Control-Allow-Headers header is used in response to a preflight request to indicate which HTTP headers can be used when making the actual request.
'Cors' => [ // accept all headers 'AllowHeaders' => true, // accept just authorization 'AllowHeaders' => 'authorization', // accept many headers 'AllowHeaders' => ['authorization', 'other-header'], ]
ExposeHeaders (Access-Control-Expose-Headers)
The Access-Control-Expose-Headers header lets a server whitelist headers that browsers are allowed to access. For example:
'Cors' => [ // nothing 'ExposeHeaders' => false, // string 'ExposeHeaders' => 'X-My-Custom-Header', // array 'ExposeHeaders' => ['X-My-Custom-Header', 'X-Another-Custom-Header'], ]
MaxAge (Access-Control-Max-Age)
The Access-Control-Max-Age header indicates how long the results of a preflight request can be cached. For an example of a preflight request, see the above examples.
'Cors' => [ // no cache 'MaxAge' => false, // 1 hour 'MaxAge' => 3600, // 1 day 'MaxAge' => 86400, ]
exceptionRenderer
This option overload default exceptionRenderer in app.php.
By default this class extends from Error.exceptionRenderer to add Cors Headers
If you don't want to overload exceptionRenderer, You must write
'Cors' => [ 'exceptionRenderer' => false ]
rabp99/cakephp-cors 适用场景与选型建议
rabp99/cakephp-cors 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 15.32k 次下载、GitHub Stars 达 4, 最近一次更新时间为 2021 年 01 月 09 日, 在 PHP 生态内属于活跃度较高的组件。
我们在过去多个企业项目中使用过 rabp99/cakephp-cors 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 rabp99/cakephp-cors 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
统计信息
- 总下载量: 15.32k
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 5
- 点击次数: 6
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: Unknown
- 更新时间: 2021-01-09