Updated CORS middleware
Change-Id: If0b274bf6d3ff334e7c2005ac3213f580e3b2f68 Signed-off-by: smarcet <smarcet@gmail.com>
This commit is contained in:
smarcet
parent
0c63a1fe21
commit
9d8678a9b1
@ -71,7 +71,7 @@ class Kernel extends HttpKernel
|
|||||||
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
|
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
|
||||||
'csrf' => \App\Http\Middleware\VerifyCsrfToken::class,
|
'csrf' => \App\Http\Middleware\VerifyCsrfToken::class,
|
||||||
'oauth2.endpoint' => \App\Http\Middleware\OAuth2BearerAccessTokenRequestValidator::class,
|
'oauth2.endpoint' => \App\Http\Middleware\OAuth2BearerAccessTokenRequestValidator::class,
|
||||||
'cors' => \App\Http\Middleware\CORSMiddleware::class,
|
'cors' => \Spatie\Cors\Cors::class,
|
||||||
'oauth2.currentuser.serveradmin' => \App\Http\Middleware\CurrentUserIsOAuth2ServerAdmin::class,
|
'oauth2.currentuser.serveradmin' => \App\Http\Middleware\CurrentUserIsOAuth2ServerAdmin::class,
|
||||||
'oauth2.currentuser.serveradmin.json' => \App\Http\Middleware\CurrentUserIsOAuth2ServerAdminJson::class,
|
'oauth2.currentuser.serveradmin.json' => \App\Http\Middleware\CurrentUserIsOAuth2ServerAdminJson::class,
|
||||||
'openstackid.currentuser.serveradmin' => \App\Http\Middleware\CurrentUserIsOpenIdServerAdmin::class,
|
'openstackid.currentuser.serveradmin' => \App\Http\Middleware\CurrentUserIsOpenIdServerAdmin::class,
|
||||||
|
|||||||
@ -26,6 +26,7 @@
|
|||||||
"ext-json": "*",
|
"ext-json": "*",
|
||||||
"ext-pdo": "*",
|
"ext-pdo": "*",
|
||||||
"beberlei/DoctrineExtensions": "1.1.5",
|
"beberlei/DoctrineExtensions": "1.1.5",
|
||||||
|
"behat/transliterator": "^1.2",
|
||||||
"doctrine/orm": "2.6.4",
|
"doctrine/orm": "2.6.4",
|
||||||
"doctrine/persistence": "1.1.1",
|
"doctrine/persistence": "1.1.1",
|
||||||
"ezyang/htmlpurifier": "v4.12.0",
|
"ezyang/htmlpurifier": "v4.12.0",
|
||||||
@ -42,16 +43,16 @@
|
|||||||
"laravel/framework": "5.6.39",
|
"laravel/framework": "5.6.39",
|
||||||
"laravel/tinker": "^1.0",
|
"laravel/tinker": "^1.0",
|
||||||
"laravelcollective/html": "5.6.10",
|
"laravelcollective/html": "5.6.10",
|
||||||
|
"php-opencloud/openstack": "dev-master",
|
||||||
"phpseclib/phpseclib": "2.0.11",
|
"phpseclib/phpseclib": "2.0.11",
|
||||||
"predis/predis": "v1.0.4",
|
"predis/predis": "v1.0.4",
|
||||||
"s-ichikawa/laravel-sendgrid-driver": "2.1.0",
|
"s-ichikawa/laravel-sendgrid-driver": "2.1.0",
|
||||||
"smarcet/jose4php": "1.0.17",
|
"smarcet/jose4php": "1.0.17",
|
||||||
"sokil/php-isocodes": "^3.0",
|
"sokil/php-isocodes": "^3.0",
|
||||||
|
"spatie/laravel-cors": "^1.6",
|
||||||
"vladimir-yuldashev/laravel-queue-rabbitmq": "v7.5.0",
|
"vladimir-yuldashev/laravel-queue-rabbitmq": "v7.5.0",
|
||||||
"zendframework/zend-crypt": "3.3.0",
|
"zendframework/zend-crypt": "3.3.0",
|
||||||
"zendframework/zend-math": "3.1.1",
|
"zendframework/zend-math": "3.1.1"
|
||||||
"behat/transliterator": "^1.2",
|
|
||||||
"php-opencloud/openstack": "dev-master"
|
|
||||||
},
|
},
|
||||||
"require-dev": {
|
"require-dev": {
|
||||||
"filp/whoops": "^2.0",
|
"filp/whoops": "^2.0",
|
||||||
|
|||||||
62
composer.lock
generated
62
composer.lock
generated
@ -4,7 +4,7 @@
|
|||||||
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
|
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
|
||||||
"This file is @generated automatically"
|
"This file is @generated automatically"
|
||||||
],
|
],
|
||||||
"content-hash": "854ef28a2d0791b40effd8e07aac9fbd",
|
"content-hash": "5a4009cbd3ca88e6d46b717bd410d1f2",
|
||||||
"packages": [
|
"packages": [
|
||||||
{
|
{
|
||||||
"name": "beberlei/doctrineextensions",
|
"name": "beberlei/doctrineextensions",
|
||||||
@ -4305,6 +4305,66 @@
|
|||||||
"description": "ISO country, subdivision, language, currency and script definitions and their translations. Based on pythons pycountry and Debian's iso-codes.",
|
"description": "ISO country, subdivision, language, currency and script definitions and their translations. Based on pythons pycountry and Debian's iso-codes.",
|
||||||
"time": "2020-05-28T22:28:43+00:00"
|
"time": "2020-05-28T22:28:43+00:00"
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
"name": "spatie/laravel-cors",
|
||||||
|
"version": "1.6.0",
|
||||||
|
"source": {
|
||||||
|
"type": "git",
|
||||||
|
"url": "https://github.com/spatie/laravel-cors.git",
|
||||||
|
"reference": "d74099d57821d5a72ae21416c0be0dcd58779355"
|
||||||
|
},
|
||||||
|
"dist": {
|
||||||
|
"type": "zip",
|
||||||
|
"url": "https://api.github.com/repos/spatie/laravel-cors/zipball/d74099d57821d5a72ae21416c0be0dcd58779355",
|
||||||
|
"reference": "d74099d57821d5a72ae21416c0be0dcd58779355",
|
||||||
|
"shasum": ""
|
||||||
|
},
|
||||||
|
"require": {
|
||||||
|
"illuminate/support": "5.5.*|5.6.*|5.7.*|5.8.*|^6.0",
|
||||||
|
"php": "^7.2"
|
||||||
|
},
|
||||||
|
"require-dev": {
|
||||||
|
"orchestra/testbench": "3.5.*|3.6.*|3.7.*|3.8.*|^4.0",
|
||||||
|
"phpunit/phpunit": "^8.0"
|
||||||
|
},
|
||||||
|
"type": "library",
|
||||||
|
"extra": {
|
||||||
|
"laravel": {
|
||||||
|
"providers": [
|
||||||
|
"Spatie\\Cors\\CorsServiceProvider"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"autoload": {
|
||||||
|
"psr-4": {
|
||||||
|
"Spatie\\Cors\\": "src"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"notification-url": "https://packagist.org/downloads/",
|
||||||
|
"license": [
|
||||||
|
"MIT"
|
||||||
|
],
|
||||||
|
"authors": [
|
||||||
|
{
|
||||||
|
"name": "Freek Van der Herten",
|
||||||
|
"email": "freek@spatie.be",
|
||||||
|
"homepage": "https://spatie.be",
|
||||||
|
"role": "Developer"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"description": "Send CORS headers in a Laravel or Lumen application",
|
||||||
|
"homepage": "https://github.com/spatie/laravel-cors",
|
||||||
|
"keywords": [
|
||||||
|
"ajax",
|
||||||
|
"api",
|
||||||
|
"cors",
|
||||||
|
"laravel-cors",
|
||||||
|
"request",
|
||||||
|
"spatie"
|
||||||
|
],
|
||||||
|
"abandoned": "laravel/framework",
|
||||||
|
"time": "2019-09-04T06:55:15+00:00"
|
||||||
|
},
|
||||||
{
|
{
|
||||||
"name": "swiftmailer/swiftmailer",
|
"name": "swiftmailer/swiftmailer",
|
||||||
"version": "v6.2.3",
|
"version": "v6.2.3",
|
||||||
|
|||||||
63
config/cors.php
Normal file
63
config/cors.php
Normal file
@ -0,0 +1,63 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
return [
|
||||||
|
|
||||||
|
/*
|
||||||
|
* A cors profile determines which origins, methods, headers are allowed for
|
||||||
|
* a given requests. The `DefaultProfile` reads its configuration from this
|
||||||
|
* config file.
|
||||||
|
*
|
||||||
|
* You can easily create your own cors profile.
|
||||||
|
* More info: https://github.com/spatie/laravel-cors/#creating-your-own-cors-profile
|
||||||
|
*/
|
||||||
|
'cors_profile' => Spatie\Cors\CorsProfile\DefaultProfile::class,
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This configuration is used by `DefaultProfile`.
|
||||||
|
*/
|
||||||
|
'default_profile' => [
|
||||||
|
|
||||||
|
'allow_credentials' => false,
|
||||||
|
|
||||||
|
'allow_origins' => [
|
||||||
|
'*',
|
||||||
|
],
|
||||||
|
|
||||||
|
'allow_methods' => [
|
||||||
|
'POST',
|
||||||
|
'GET',
|
||||||
|
'OPTIONS',
|
||||||
|
'PUT',
|
||||||
|
'PATCH',
|
||||||
|
'DELETE',
|
||||||
|
],
|
||||||
|
|
||||||
|
'allow_headers' => [
|
||||||
|
'Accept',
|
||||||
|
'Content-Type',
|
||||||
|
'X-Auth-Token',
|
||||||
|
'Origin',
|
||||||
|
'Authorization',
|
||||||
|
'X-Requested-With',
|
||||||
|
],
|
||||||
|
|
||||||
|
'expose_headers' => [
|
||||||
|
'Cache-Control',
|
||||||
|
'Content-Language',
|
||||||
|
'Content-Type',
|
||||||
|
'Expires',
|
||||||
|
'Last-Modified',
|
||||||
|
'Pragma',
|
||||||
|
],
|
||||||
|
|
||||||
|
'forbidden_response' => [
|
||||||
|
'message' => 'Forbidden (cors).',
|
||||||
|
'status' => 403,
|
||||||
|
],
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Preflight request will respond with value for the max age header.
|
||||||
|
*/
|
||||||
|
'max_age' => 60 * 60 * 24,
|
||||||
|
],
|
||||||
|
];
|
||||||
Loading…
x
Reference in New Issue
Block a user