Lumen CORS

Cross-Origin Resource Sharing (CORS) module for the Lumen PHP framework.

Requirements

• PHP 7.1 or newer
• Composer
• Lumen 5.4 or newer

Usage

Installation

Run the following command to install the package through Composer:

composer require everestmx/lumen-cors

Configure

Copy the configuration template in config/cors.php to your application's config directory and modify according to your needs. For more information see the Configuration Files section in the Lumen documentation.

Available configuration options:

• allow_origins array Origins that are allowed to perform requests, defaults to an empty array. Patterns also accepted, for example *.foo.com
• allow_methods array HTTP methods that are allowed, defaults to an empty array
• allow_headers array HTTP headers that are allowed, defaults to an empty array
• allow_credentials boolean Whether or not the response can be exposed when credentials are present, defaults to false
• expose_headers array HTTP headers that are allowed to be exposed to the web browser, defaults to an empty array
• max_age integer Indicates how long preflight request can be cached, defaults to 0

Bootstrapping

Add the following lines to bootstrap/app.php:

$app->register('Everestmx\Lumen\Cors\CorsServiceProvider');

$app->middleware([
	...
	'Everestmx\Lumen\Cors\CorsMiddleware',
]);

The module now automatically handles all CORS requests.

Customizing behavior

While the service can be configured somewhat using config/cors.php, some more exotic things such as regular expressions for allowed origins cannot. If you need to, you can provide this custom functionality yourself:

1. Extend CorsService and override e.g. isOriginAllowed()
2. Extend CorsServiceProvider and override registerBindings(), then register your own service class instead

Running tests

Clone the project and install its dependencies by running:

composer install

Run the following command to run the test suite:

composer test