PHPackages                             b2b2dot0/magento-2-cors-requests - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [HTTP &amp; Networking](/categories/http)
4. /
5. b2b2dot0/magento-2-cors-requests

ActiveMagento2-module[HTTP &amp; Networking](/categories/http)

b2b2dot0/magento-2-cors-requests
================================

Enabling cross-origin resource sharing (CORS) requests to Magento 2 API from configured Origin domain

100.0.7(3y ago)0634OSL-3.0PHPPHP ~7.1.3||~7.2.0||~7.3.0||~7.4.0||~8.1.0

Since Sep 11Pushed 3y agoCompare

[ Source](https://github.com/b2b2dot0/magento-2-cors-requests)[ Packagist](https://packagist.org/packages/b2b2dot0/magento-2-cors-requests)[ Docs](https://github.com/b2b2dot0/magento-2-cors-requests)[ RSS](/packages/b2b2dot0-magento-2-cors-requests/feed)WikiDiscussions master Synced 1mo ago

READMEChangelog (1)Dependencies (1)Versions (6)Used By (0)

Magento 2 CORS Cross-Domain Requests by SplashLab
=================================================

[](#magento-2-cors-cross-domain-requests-by-splashlab)

This module allows you to enable Cross-Origin Resource Sharing (CORS) REST API requests in Magento 2 by adding the appropriate HTTP headers and handling the pre-flight OPTIONS requests.

This can be used to allow AJAX and other requests to the Magento 2 REST API from another domain (or subdomain).

How to install
--------------

[](#how-to-install)

### 1. via composer

[](#1-via-composer)

```
composer require b2b2dot0/magento-2-cors-requests

```

OR

Edit `composer.json`

```
{
    "require": {
        "splashlab/magento-2-cors-requests": "100.0.7"
    }
}

```

```
composer install
php bin/magento setup:upgrade
php bin/magento setup:static-content:deploy

```

### 2. Copy and paste

[](#2-copy-and-paste)

Download latest version from GitHub

Paste into `app/code/SplashLab/CorsRequests` directory

```
php bin/magento setup:upgrade
php bin/magento setup:static-content:deploy

```

### 3. Update Origin URL

[](#3-update-origin-url)

In `Stores -> Configuration`, go to `General -> Web -> CORS Requests Configuration`.

Then edit the the `CORS Origin Url` field to the domain you want to enable cross-domain requests from. (i.e. )

How does it work?
-----------------

[](#how-does-it-work)

The full implementation of CORS cross-domain HTTP requests is outside the scope of this README, but this is what this module does:

1. Allows onfigureing an Origin Url in the Admin Configuration area - this is the domain which cross-domain requests are permitted from
2. This domain is added to a `Access-Control-Allow-Origin` response HTTP header
3. Optionally you can enable the `Access-Control-Allow-Credentials` header as well, to enable passing cookies

For non-GET and non-standard-POST requests (i.e. PUT and DELETE), the "pre-flight check" OPTIONS request is handled by:

1. An empty `/V1/cors/check` API response with the appropriate headers:
2. `Access-Control-Allow-Methods` response header, which mirrors the `Access-Control-Request-Method` request header
3. `Access-Control-Allow-Headers` response header, which mirrors the `Access-Control-Request-Headers` request header

### Alternative Solutions

[](#alternative-solutions)

You can also manage these CORS headers with Apache and Nginx rules, instead of using this extension:

-
-

But I created this extension to allow you to configure the Origin domain the Admin Configuration, and to avoid having to create and manage special server configuration.

CORS Cross-Domain Request References
------------------------------------

[](#cors-cross-domain-request-references)

- [https://en.wikipedia.org/wiki/Cross-origin\_resource\_sharing](https://en.wikipedia.org/wiki/Cross-origin_resource_sharing)
- [https://developer.mozilla.org/en-US/docs/Web/HTTP/Access\_control\_CORS](https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS)
-
-
-
- [magento/magento2#8399](https://github.com/magento/magento2/issues/8399)

###  Health Score

34

—

LowBetter than 77% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity15

Limited adoption so far

Community12

Small or concentrated contributor base

Maturity74

Established project with proven stability

 Bus Factor1

Top contributor holds 71.4% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~336 days

Total

5

Last Release

1455d ago

PHP version history (5 changes)100.0.2PHP 7.0.2|7.0.4|~7.0.6|~7.1.0

100.0.3PHP 7.0.2|7.0.4|~7.0.6|~7.1.0|~7.2.0

100.0.4PHP ~7.1.3||~7.2.0||~7.3.0

100.0.6PHP ~7.1.3||~7.2.0||~7.3.0||~7.4.0

100.0.7PHP ~7.1.3||~7.2.0||~7.3.0||~7.4.0||~8.1.0

### Community

Maintainers

![](https://www.gravatar.com/avatar/df59a89f9df44dbc9383d8ecb73a8fb8e2ffe47bef864032f8d8fdb194977654?d=identicon)[electrobayan](/maintainers/electrobayan)

---

Top Contributors

[![thaddeusmt](https://avatars.githubusercontent.com/u/129787?v=4)](https://github.com/thaddeusmt "thaddeusmt (20 commits)")[![electrobayan](https://avatars.githubusercontent.com/u/31203526?v=4)](https://github.com/electrobayan "electrobayan (3 commits)")[![gihovani](https://avatars.githubusercontent.com/u/2844128?v=4)](https://github.com/gihovani "gihovani (2 commits)")[![floorz](https://avatars.githubusercontent.com/u/4982916?v=4)](https://github.com/floorz "floorz (1 commits)")[![nuovecode](https://avatars.githubusercontent.com/u/4451508?v=4)](https://github.com/nuovecode "nuovecode (1 commits)")[![rodde177](https://avatars.githubusercontent.com/u/455527?v=4)](https://github.com/rodde177 "rodde177 (1 commits)")

### Embed Badge

![Health badge](/badges/b2b2dot0-magento-2-cors-requests/health.svg)

```
[![Health](https://phpackages.com/badges/b2b2dot0-magento-2-cors-requests/health.svg)](https://phpackages.com/packages/b2b2dot0-magento-2-cors-requests)
```

###  Alternatives

[yireo/magento2-linkpreload

Magento 2 extension to set HTTP Link headers for primary resources to allow for HTTP/2 preloading

92343.7k1](/packages/yireo-magento2-linkpreload)[developersalliance/module-table-rates

This module allows administrators to manage and view shipping table rates from the admin UI.

443.4k](/packages/developersalliance-module-table-rates)[integer-net/magento2-async-varnish

Module for Magento 2 that defers and bundles purge requests to Varnish to reduce number of HTTP requests and increase speed of mass updates

221.3k](/packages/integer-net-magento2-async-varnish)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)