# Update...

README.md

@@ -51,6 +51,46 @@ $middlewareQueue
 
 By default the middleware authorize cors for all origins, all methods and all headers. No configuration required for work fine.
 
-## TODO
+## Custom configuration
 
- Documentation for custom configuration
+For using custom configuration, you must adding a ````Cors```` array in your ````config/app.php```` file.
+
+````php
+'Cors' => [
+
+    // Authorized options here
+
+    'AllowOrigin' => string|array,
+    'AllowMethods' => array,
+    'AllowHeaders' => array,
+    'ExposeHeaders' => array,
+    'AllowCredentials' => true|false,
+    'Maxge' => int
+
+]
+````
+
+## Authorized options
+
+#### Allow all domains
+
+````php
+'AllowOrigin' => '*'
+// Or
+'AllowOrigin' => ['*']
+````
+
+#### Allow one domain only
+
+````php
+'AllowOrigin' => 'localhost:4200'
+````
+
+#### Allow multiple domains
+
+````php
+'AllowOrigin' => [
+    'localhost:4200',
+    ...
+]
+````

src/CorsMiddleware.php

@@ -21,7 +21,7 @@ class CorsMiddleware
     public const CORS_ALLOW_HEADERS_TAG = "AllowHeaders";
     public const CORS_ALLOW_CREDENTIALS_TAG = "AllowCredentials";
     public const CORS_EXPOSE_HEADERS_TAG = "ExposeHeaders";
-    public const CORS_MAX_AGE_TAG = "ExposeHeaders";
+    public const CORS_MAX_AGE_TAG = "MaxAge";
 
     /**
      * @param CorsBuilder $corsBuilder