{"id":17160962,"url":"https://github.com/audunru/dynamic-cors","last_synced_at":"2025-04-13T14:11:34.820Z","repository":{"id":240766613,"uuid":"803402577","full_name":"audunru/dynamic-cors","owner":"audunru","description":"Dynamic CORS settings in Laravel","archived":false,"fork":false,"pushed_at":"2025-03-16T09:27:29.000Z","size":475,"stargazers_count":2,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-27T05:12:36.721Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/audunru.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-05-20T16:49:35.000Z","updated_at":"2025-03-16T09:27:10.000Z","dependencies_parsed_at":"2024-05-20T20:26:23.538Z","dependency_job_id":"39935d99-e612-4682-9331-6c7df68a30eb","html_url":"https://github.com/audunru/dynamic-cors","commit_stats":null,"previous_names":["audunru/dynamic-cors"],"tags_count":5,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/audunru%2Fdynamic-cors","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/audunru%2Fdynamic-cors/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/audunru%2Fdynamic-cors/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/audunru%2Fdynamic-cors/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/audunru","download_url":"https://codeload.github.com/audunru/dynamic-cors/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248724629,"owners_count":21151561,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-14T22:26:40.468Z","updated_at":"2025-04-13T14:11:34.800Z","avatar_url":"https://github.com/audunru.png","language":"PHP","readme":"# Dynamic CORS options in Laravel\n\n[![Build Status](https://github.com/audunru/dynamic-cors/actions/workflows/validate.yml/badge.svg)](https://github.com/audunru/dynamic-cors/actions/workflows/validate.yml)\n[![Coverage Status](https://coveralls.io/repos/github/audunru/dynamic-cors/badge.svg?branch=main)](https://coveralls.io/github/audunru/dynamic-cors?branch=main)\n[![StyleCI](https://github.styleci.io/repos/803402577/shield?branch=main)](https://github.styleci.io/repos/803402577)\n\nTypically used to configure custom allowed origins per user/account, so that your users can access your HTTP API from different domains without getting CORS errors.\n\nUnder the hood, this middleware dynamically sets Laravel's default CORS configuration options. Basically, it's a wrapper for calls like...\n\n```php\nconfig(\"cors.allowed_origins\", [\"https://www.example.com\"]);\n```\n\n... where the list of of allowed origins would dynamically change, for example come from the user's account settings.\n\n# Installation\n\n```bash\ncomposer require audunru/dynamic-cors\n```\n\nYou will have to replace Laravel's default `HandleCors` middleware with a version that extends `audunru\\DynamicCors\\Middleware\\HandleCors`.\n\n1. Ensure that you are [manually managing Laravel's default global middleware](https://laravel.com/docs/11.x/middleware#manually-managing-laravels-default-global-middleware).\n\n2. Remove `\\Illuminate\\Http\\Middleware\\HandleCors::class` from the middleware stack.\n\n3. Create a new file `app/Http/Middleware/UserCors.php`.\n\nYou can place this wherever you want, and of course name it according to what it does in your application.\n\nThis is an example where a user has a list of per-user allowed origins, perhaps controlled by themselves in the application UI.\n\n```php\n\nnamespace App\\Http\\Middleware;\n\nuse Closure;\nuse audunru\\DynamicCors\\Middleware\\HandleCors;\n\nclass UserCors extends HandleCors\n{\n    public function handle($request, Closure $next)\n    {\n        $user = Auth::user();\n\n        $this-\u003eallowedOrigins = array_merge(\n            [config('app.url')],\n            $user-\u003eallowedOrigins // Note: allowedOrigins does not exist by default, it's something you would have to create. Or make something completely different\n        );\n\n        return parent::handle($request, $next);\n    }\n}\n```\n\n`audunru\\DynamicCors\\Middleware\\HandleCors` has protected properties for `allowedOrigins` and all the other CORS service settings. Any properties that you set in your middleware will be used by the CORS service. Properties that you don't set will use the value set in `cors.php`.\n\n4. Add `\\App\\Http\\Middleware\\HandleCors::class` to the middleware stack.\n\n# Development\n\n## Testing\n\nRun tests:\n\n```bash\ncomposer test\n```\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faudunru%2Fdynamic-cors","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Faudunru%2Fdynamic-cors","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faudunru%2Fdynamic-cors/lists"}