rabp99/cakephp-cors 问题修复 & 功能扩展

解决BUG、新增功能、兼容多环境部署,快速响应你的开发需求

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

rabp99/cakephp-cors

Composer 安装命令:

composer require rabp99/cakephp-cors

包简介

A CakePHP 4 plugin for activate cors domain in your application

README 文档

README

Build Status

A CakePHP (4+) plugin for activate cors domain in your application with Middleware.

Learn more about CORS

For cake 3.3+ use branch cake-3

Requirements

  • PHP version 7.2 or higher
  • CakePhp 4.0 or higher

Installation

You can install this plugin into your CakePHP application using composer.

The recommended way to install composer packages is:

composer require rabp99/cakephp-cors

Quick Start

Loading the Plugin

// In src/Application.php
public function bootstrap(): void
{
    // code ...
    $this->addPlugin('Cors');
}

By default the plugin authorize cors for all origins, all methods and all headers and caches all for one day.

Configuration

Default configuration

<?php
[
    'AllowOrigin' => true, // accept all origin
    'AllowCredentials' => true,
    'AllowMethods' => ['GET', 'POST', 'PUT', 'PATCH', 'DELETE'], // accept all HTTP methods
    'AllowHeaders' => true, // accept all headers
    'ExposeHeaders' => false, // don't accept personal headers
    'MaxAge' => 86400, // cache for 1 day
    'exceptionRenderer' => 'Cors\Error\AppExceptionRenderer', // Use ExeptionRenderer class of plugin

Change config

In app.php add :

'Cors' => [
    // My Config
]

AllowOrigin (Access-Control-Allow-Origin)

A returned resource may have one Access-Control-Allow-Origin header, with the following syntax:

'Cors' => [
    // Accept all origins
    'AllowOrigin' => true,
    // OR
    'AllowOrigin' => '*',

    // Accept one origin
    'AllowOrigin' => 'http://flavienbeninca.fr'

    // Accept many origins
    'AllowOrigin' => ['http://flavienbeninca.fr', 'http://google.com']
]

AllowCredentials (Access-Control-Allow-Credentials)

The Access-Control-Allow-Credentials header Indicates whether or not the response to the request can be exposed when the credentials flag is true. When used as part of a response to a preflight request, this indicates whether or not the actual request can be made using credentials. Note that simple GET requests are not preflighted, and so if a request is made for a resource with credentials, if this header is not returned with the resource, the response is ignored by the browser and not returned to web content.

'Cors' => [
    'AllowCredentials' => true,
    // OR
    'AllowCredentials' => false,
]

AllowMethods (Access-Control-Allow-Methods)

'Cors' => [
    // string
    'AllowMethods' => 'POST',
    // OR array
    'AllowMethods' => ['GET', 'POST'],
]

AllowHeaders (Access-Control-Allow-Headers)

The Access-Control-Allow-Headers header is used in response to a preflight request to indicate which HTTP headers can be used when making the actual request.

'Cors' => [
    // accept all headers
    'AllowHeaders' => true,

    // accept just authorization
    'AllowHeaders' => 'authorization',

    // accept many headers
    'AllowHeaders' => ['authorization', 'other-header'],
]

ExposeHeaders (Access-Control-Expose-Headers)

The Access-Control-Expose-Headers header lets a server whitelist headers that browsers are allowed to access. For example:

'Cors' => [
    // nothing
    'ExposeHeaders' => false,

    // string
    'ExposeHeaders' => 'X-My-Custom-Header',

    // array
    'ExposeHeaders' => ['X-My-Custom-Header', 'X-Another-Custom-Header'],
]

MaxAge (Access-Control-Max-Age)

The Access-Control-Max-Age header indicates how long the results of a preflight request can be cached. For an example of a preflight request, see the above examples.

'Cors' => [
    // no cache
    'MaxAge' => false,

    // 1 hour
    'MaxAge' => 3600,

    // 1 day
    'MaxAge' => 86400,
]

exceptionRenderer

This option overload default exceptionRenderer in app.php.

By default this class extends from Error.exceptionRenderer to add Cors Headers

If you don't want to overload exceptionRenderer, You must write

'Cors' => [
	'exceptionRenderer' => false
]

Read more

rabp99/cakephp-cors 适用场景与选型建议

rabp99/cakephp-cors 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 15.32k 次下载、GitHub Stars 达 4, 最近一次更新时间为 2021 年 01 月 09 日, 在 PHP 生态内属于活跃度较高的组件。

我们在过去多个企业项目中使用过 rabp99/cakephp-cors 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 rabp99/cakephp-cors 我们能提供哪些服务?
定制开发 / 二次开发

基于 rabp99/cakephp-cors 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 15.32k
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 5
  • 点击次数: 6
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 4
  • Watchers: 0
  • Forks: 30
  • 开发语言: PHP

其他信息

  • 授权协议: Unknown
  • 更新时间: 2021-01-09