On this page
This component creates CORS details for your application. If the
CorsMiddleware detects a
CORS preflight, the middleware will start do detect
CORS configuration. The
Router is being used to detect every
allowed request method by executing a route match with all possible request
methods. Therefore, for every preflight request, there is at least one
request (depending on the configuration of the route, it might be just one or we
are executing a check for every request method).
Here is a list of the request methods being checked for the
The order of the headers might vary, depending on what request method is being
requested with the
CORS preflight request. In the end, the response contains
every possible request method of the route due to what the router tells the
The allowed origins can be configured as strings which can be matched with
wildcards are possible.
mezzio-cors provides a
CorsMiddleware which works out of the
box with once created a global configuration file. It can safely be added to the
projects pipeline as CORS details are needed for every request (in case its a
It uses the mezzio-router to match
the incoming URI. It starts with the HTTP request method which is provided by
the Request via the
Access-Control-Request-Method header and checks all
request methods until it matches a route. If that route states to be explicit,
the response is created immediately.
If the route is not explicit, all request methods are checked to provide a list of possible request methods to the client.