BEdita API doc | 4-cactus
  • Namespace
  • Class
  • Tree
  • Deprecated
  • Download

Namespaces

  • BEdita
    • API
      • Auth
      • Controller
        • Admin
        • Model
      • Exception
      • Middleware
      • Model
        • Action
      • Network
        • Exception
      • Utility
    • Core
      • Database
        • Type
      • Exception
      • Filesystem
        • Adapter
        • Exception
        • Thumbnail
      • Job
        • Service
      • Mailer
        • Preview
        • Transport
      • Model
        • Action
        • Behavior
        • Entity
        • Validation
      • ORM
        • Locator
      • Utility

Classes

  • AnalyticsMiddleware
  • CorsMiddleware

Class CorsMiddleware

Handle cross-origin HTTP requests setting the proper headers.

The response of preflight request (OPTIONS) is delivered directly after the headers are applied. For simple requests the CORS headers are applied before sending response.

Namespace: BEdita\API\Middleware
Since: 4.0.0
Located at API/src/Middleware/CorsMiddleware.php

Methods summary

public
# __construct( array|null $corsConfig = null )

Constructor

Constructor

Setup CORS using $corsConfig array

Parameters

$corsConfig
CORS configuration

See

self::corsConfig
public Psr\Http\Message\ResponseInterface
# __invoke( Psr\Http\Message\ServerRequestInterface $request, Psr\Http\Message\ResponseInterface $response, callable $next )

If no CORS configuration is present delegate to server If the request is a preflight send the response applying CORS rules. If it is a simple request it applies CORS rules to the response and call next middleware

If no CORS configuration is present delegate to server If the request is a preflight send the response applying CORS rules. If it is a simple request it applies CORS rules to the response and call next middleware

Parameters

$request
The request.
$response
The response.
$next
The next middleware to call.

Returns

Psr\Http\Message\ResponseInterface
A response.
public boolean
# isConfigured( )

Tell if CORS is configured

Tell if CORS is configured

Returns

boolean
protected Psr\Http\Message\ResponseInterface
# buildCors( Psr\Http\Message\ServerRequestInterface $request, Psr\Http\Message\ResponseInterface $response )

Build response headers following CORS configuration and return the new response

Build response headers following CORS configuration and return the new response

Parameters

$request
The request.
$response
The response.

Returns

Psr\Http\Message\ResponseInterface
A response.

Throws

Cake\Http\Exception\ForbiddenException
When origin

Properties summary

protected array $corsConfig

CORS configuration

CORS configuration

where: - 'allowOrigin' is a single domain or an array of domains - 'allowMethods' is an array of HTTP methods (it's applied only to preflight requests) - 'allowHeaders' is an array of HTTP headers (it's applied only to preflight requests) - 'allowCredentials' enable cookies to be sent in CORS requests - 'exposeHeaders' is an array of headers that a client library/browser can expose to scripting - 'maxAge' is the max-age preflight OPTIONS requests are valid for (it's applied only to preflight requests)

When value is falsy the related configuration is skipped.

'allowOrigin', 'allowMethods' and 'allowHeaders' support the '*' wildcard to allow respectively every origin, every methods and every headers.
# [ 'allowOrigin' => false, 'allowMethods' => false, 'allowHeaders' => false, 'allowCredentials' => false, 'exposeHeaders' => false, 'maxAge' => false, ]
BEdita API doc | 4-cactus API documentation generated by ApiGen