Recent Posts
- (09/10) Fixing Warning: the ECDSA host key for 'github.com' differs from the key for the IP addressTAGS:Web Server Admin
- (12/26) CakePHP 3 - Getting List of Column Definitions from a Table (like schema())TAGS:CakephpCake3
- (09/14) Change Order of Loaded Behaviors in CakePHP 3TAGS:Cake3CakephpWeb ProgrammingPhp
- (05/29) CakePHP 3 - Accept JSON Header Only Working When Debug FalseTAGS:Web ProgrammingCakephpCake3
- (05/23) Remove All Events from Google Calendar (Reset Calendar)TAGS:Web ProgrammingPhp
- (11/08) Google Tag Manager (GTM) Not Firing Default PageView EventTAGS:Web ProgrammingJavascriptGoogle Tag Manager
- (10/13) In PHP, how do you get __toString() Magic Method Result without calling echo?TAGS:CakephpCake3Cakephp 13PhpWeb Programming
- (11/14) Getting output from shell_exec() at all timesTAGS:Web ProgrammingWeb Server Admin
Subscribe to my feed
MainelyDesign.com Blog
CORS Middleware in Cakephp 3
Posted on 10/11/2016 at 09:44 pm by Kevin Wentworth
Viewed 9,310 times | 0 comments
I didn't end up needing this (yet) but wanted to post here for future reference. This is CorsMiddleware for CakePHP 3:
- // Plugin\src\Middleware\CorsMiddleware.php
- namespace Plugin\Middleware;
- class CorsMiddleware
- {
- public function __invoke($request, $response, $next)
- {
- // Calling $next() delegates control to the *next* middleware
- // In your application's queue.
- $response = $next($request, $response);
- // When modifying the response, you should do it
- // *after* calling next.
- // Allow from any origin
- $response = $response->withHeader('Access-Control-Allow-Origin', $_SERVER['HTTP_ORIGIN']) // or '*'
- ->withHeader('Access-Control-Allow-Credentials', 'true')
- //->withHeader('Access-Control-Max-Age', '0'); // no cache
- ->withHeader('Access-Control-Max-Age', '86400'); // cache for 1 day
- // Access-Control headers are received during OPTIONS requests
- if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
- $response = $response->withHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, DELETE');
- }
- $response = $response->withHeader('Access-Control-Allow-Headers', $_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']);
- }
- $response = $response->withoutHeader('Location');
- $response = $response->withStatus(200);
- }
- }
- return $response;
- }
- }
And make sure you put this in your plugin bootstrap file. (If you don't have a plugin you can just add middleware to your App/Application.php file)
- // Plugin\config\bootstrap.php or App\src\Application.php
- use Plugin\Middleware\CorsMiddleware;
- EventManager::instance()->on(
- 'Server.buildMiddleware',
- function ($event, $middleware) {
- $middleware->add(new CorsMiddleware());
- });
I started with the code I found here. Please note that this implementation is wide-open and doesn't limit the origin(s) in any way.
Cheers,
-Kevin Wentworth
Tags for CORS Middleware in Cakephp 3
Cakephp | Cake3 | Web Programming | Javascript | Example
Comments for this Posting
No comments. Be the first to post a reply.
Sorry, comments are closed for this posting.
Please Email Kevin if you have any questions. Thanks!