Lumen CORS

Cross-Origin Resource Sharing (CORS) module for the Lumen PHP framework.

Requirements

• PHP 7.1 or newer
• Composer
• Lumen 5.4 or newer

Usage

Installation

Run the following command to install the package through Composer:

composer require nordsoftware/lumen-cors

Configure

Copy the configuration template in config/cors.php to your application's config directory and modify according to your needs. For more information see the Configuration Files section in the Lumen documentation.

Available configuration options:

• allow_origins array Origins that are allowed to perform requests, defaults to an empty array. Patterns also accepted, for example *.foo.com
• allow_methods array HTTP methods that are allowed, defaults to an empty array
• allow_headers array HTTP headers that are allowed, defaults to an empty array
• allow_credentials boolean Whether or not the response can be exposed when credentials are present, defaults to false
• expose_headers array HTTP headers that are allowed to be exposed to the web browser, defaults to an empty array
• max_age integer Indicates how long preflight request can be cached, defaults to 0

Bootstrapping

Add the following lines to bootstrap/app.php:

$app->register('Nord\Lumen\Cors\CorsServiceProvider');

$app->middleware([
	.....
	'Nord\Lumen\Cors\CorsMiddleware',
]);

The module now automatically handles all CORS requests.

Customizing behavior

While the service can be configured somewhat using config/cors.php, some more exotic things such as regular expressions for allowed origins cannot. If you need to, you can provide this custom functionality yourself:

1. Extend CorsService and override e.g. isOriginAllowed()
2. Extend CorsServiceProvider and override registerBindings(), then register your own service class instead

Contributing

Please read the guidelines.

Running tests

Clone the project and install its dependencies by running:

composer install

Run the following command to run the test suite:

composer test

License

See LICENSE.