PHPackages damoclark/simple-cors - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [HTTP & Networking](/categories/http) 4. / 5. damoclark/simple-cors ActiveLibrary[HTTP & Networking](/categories/http) damoclark/simple-cors ===================== Simple Library for sending CORS headers v1.0.1(8y ago)380LGPL-3.0PHP Since Oct 18Pushed 8y ago1 watchersCompare [ Source](https://github.com/damoclark/simple-cors)[ Packagist](https://packagist.org/packages/damoclark/simple-cors)[ RSS](/packages/damoclark-simple-cors/feed)WikiDiscussions master Synced 2mo ago READMEChangelogDependencies (1)Versions (3)Used By (0) SimpleCors ========== [](#simplecors) Overview -------- [](#overview) A simple library providing cross-origin resource sharing (CORS) validation. The library is not tethered to any particular framework, and has only one dependency. CORS configuration is defined through an `ini` file, the path to which can be determined from a configurable web server environment variable. Installation ------------ [](#installation) Require `damoclark/simple-cors` using composer. Simple Usage ------------ [](#simple-usage) Prepare an `ini` file with your CORS security configuration: ``` ; https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers ; Access-Control-Allow-Headers: , , ... allowedHeaders[] = 'X-HEADER' ; https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods ; Access-Control-Allow-Methods: , , ... allowedMethods = 'GET,POST' ; https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin ; Access-Control-Allow-Origin: * ; Access-Control-Allow-Origin: allowedOrigins = '*' ; https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers ; Access-Control-Expose-Headers: , , ... ; exposedHeaders[] = ... ; Access-Control-Max-Age: ; maxAge = 86400 handle() or exit() ; ``` The `handle()` method will return true if your script should continue. Such situations include: - It is a valid CORS request - It is not a CORS request While the method will return false in the following situations: - When the method isn't permitted - When the origin isn't permitted - When the requested header isn't permitted - When it is a preflight request (OPTIONS request method) In the last case (preflight), the `handle()` method will have already sent back response headers to the client, so your script can still safely terminate this point, as per the example If you do not wish for your script to continue if it is not a CORS request, then use the following pattern: ``` // Respond with cors headers (where path to config ini file is stored in `CORSCONF` environment variable) $cors = new \damoclark\SimpleCors\SimpleCors() ; $cors->isCorsRequest() or exit() ; $cors->handle() or exit() ; ``` Contribution ------------ [](#contribution) Contributions (via Pull Requests) are welcome. Licence ------- [](#licence) Copyright (c) 2017 Damien Clark, [Damo's World](https://damos.world) Licenced under the terms of the [LGPLv3](https://www.gnu.org/licenses/lgpl.txt) [![LGPLv3](https://camo.githubusercontent.com/a1da4b7e54c375dff2551a41f1fe9e682473a4105e64aa06c82cd48cd36a78f0/68747470733a2f2f7777772e676e752e6f72672f67726170686963732f6c67706c76332d3134377835312e706e67 "LGPLv3")](https://camo.githubusercontent.com/a1da4b7e54c375dff2551a41f1fe9e682473a4105e64aa06c82cd48cd36a78f0/68747470733a2f2f7777772e676e752e6f72672f67726170686963732f6c67706c76332d3134377835312e706e67) THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL DAMIEN CLARK BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ### Health Score 29 — LowBetter than 60% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity12 Limited adoption so far Community7 Small or concentrated contributor base Maturity64 Established project with proven stability Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~0 days Total 2 Last Release 3126d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/feddaa9460d5833e7a2abf2e6cfb62b899379bf5293436b6e5bb236920bb79fd?d=identicon)[damoclark](/maintainers/damoclark) --- Top Contributors [![damoclark](https://avatars.githubusercontent.com/u/275110?v=4)](https://github.com/damoclark "damoclark (10 commits)") --- Tags corsSimple ### Embed Badge ![Health badge](/badges/damoclark-simple-cors/health.svg) ``` [![Health](https://phpackages.com/badges/damoclark-simple-cors/health.svg)](https://phpackages.com/packages/damoclark-simple-cors) ``` ### Alternatives [asm89/stack-cors Cross-origin resource sharing library and stack middleware 1.3k180.6M24](/packages/asm89-stack-cors)[fruitcake/php-cors Cross-origin resource sharing library for the Symfony HttpFoundation 311242.1M35](/packages/fruitcake-php-cors)[tuupola/cors-middleware PSR-7 and PSR-15 CORS middleware 1331.8M24](/packages/tuupola-cors-middleware)[neomerx/cors-psr7 Framework agnostic (PSR-7) CORS implementation (www.w3.org/TR/cors/) 682.4M19](/packages/neomerx-cors-psr7)[jdesrosiers/silex-cors-provider A silex service provider that adds CORS services to silex 83892.3k10](/packages/jdesrosiers-silex-cors-provider)[zfr/zfr-cors Zend Framework module that let you deal with CORS requests 611.2M3](/packages/zfr-zfr-cors) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)