Implements fruitcake/laravel-cors for Hyperf.

• Handles CORS pre-flight OPTIONS requests
• Adds CORS headers to your responses
• Match routes to only add CORS to certain Requests

Require the gokure/hyperf-cors package in your composer.json and update your dependencies:

composer require gokure/hyperf-cors

To allow CORS for all your routes, add the CorsMiddleware middleware at the top of the property of config/autoload/middlewares.php file and set the paths property in the config (see Configuration below):

'http' => [
    \Gokure\HyperfCors\CorsMiddleware::class,
    ...
],

The defaults are set in config/autoload/cors.php. Publish the config to copy the file to your own config:

php bin/hyperf.php vendor:publish gokure/hyperf-cors

Note: When using custom headers, like X-Auth-Token or X-Requested-With, you must set the allowed_headers to include those headers. You can also set it to ['*'] to allow all custom headers.

Note: If you are explicitly whitelisting headers, you must include Origin or requests will fail to be recognized as CORS.

allowed_origins, allowed_headers and allowed_methods can be set to ['*'] to accept any value.

Note: For allowed_origins you must include the scheme when not using a wildcard, e.g. ['http://example.com', 'https://example.com']. You must also take into account that the scheme will be present when using allowed_origins_patterns.

Released under the MIT License, see LICENSE.