PHPackages                             pagemachine/cors - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [HTTP &amp; Networking](/categories/http)
4. /
5. pagemachine/cors

AbandonedArchivedTypo3-cms-extension[HTTP &amp; Networking](/categories/http)

pagemachine/cors
================

Cross Origin Resource Sharing for TYPO3 CMS.

2.0.6(8y ago)83.8k3GPL-3.0-or-laterPHPPHP ^5.6 || ^7.0

Since Nov 14Pushed 4y ago4 watchersCompare

[ Source](https://github.com/pagemachine/cors)[ Packagist](https://packagist.org/packages/pagemachine/cors)[ RSS](/packages/pagemachine-cors/feed)WikiDiscussions master Synced 1mo ago

READMEChangelog (1)Dependencies (6)Versions (22)Used By (0)

CORS [![CI](https://github.com/pagemachine/cors/workflows/CI/badge.svg)](https://github.com/pagemachine/cors/workflows/CI/badge.svg)
====================================================================================================================================

[](#cors-)

[Cross Origin Resource Sharing](https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS) for TYPO3

Installation
------------

[](#installation)

This extension is installable from various sources:

1. Via [Composer](https://packagist.org/packages/pagemachine/cors):

    ```
     composer require pagemachine/cors

    ```
2. From the [TYPO3 Extension Repository](https://extensions.typo3.org/extension/cors/)
3. From [Github](https://github.com/pagemachine/cors/releases)

Configuration
-------------

[](#configuration)

All configuration options can be set via TypoScript setup in `config.cors` or per page object in `page.config.cors`. The following options are available:

OptionTypeDescription`allowCredentials`int/booleanProcessing of the `credentials` flag`allowHeaders`stringList of allowed headers (X-Foo, ...), [simple headers](http://www.w3.org/TR/2014/REC-cors-20140116/#simple-header) are always allowed`allowMethods`stringList of allowed methods (PUT, DELETE, ...), [simple methods](http://www.w3.org/TR/2014/REC-cors-20140116/#simple-method) are always allowed`allowOrigin`stringList of allowed origins`allowOrigin.pattern`stringRegular expression for matching origins, make sure to escape as necessary`exposeHeaders`stringList of headers exposed to clients`maxAge`intCache lifetime of preflight requests, watch out for browser limitsNote that all options support [stdWrap](http://docs.typo3.org/typo3cms/TyposcriptReference/Functions/Stdwrap/Index.html) processing through their `.stdWrap` property.

### Examples

[](#examples)

- Origin wildcarding:

    ```
      config.cors {
        allowOrigin = *
      }

    ```
- Simple list of origins:

    ```
      config.cors {
        allowOrigin = http://example.org, http://example.com
        // More readable version
        allowOrigin (
          http://example.org,
          http://example.com
        )
      }

    ```
- Matching origins via regular expressions:

    ```
      config.cors {
        allowOrigin.pattern = https?://example\.(org|com)
      }

    ```
- Allow specific methods:

    ```
      config.cors {
        allowMethods = GET, POST, PUT, DELETE
      }

    ```
- Allow headers:

    ```
      config.cors {
        allowHeaders = (
          Content-Type,
          ...
        )
      }

    ```
- Allow `credential` flag processing:

    ```
      config.cors {
        // Set to 1/true to enable
        allowCredentials = 1
      }

    ```
- Expose headers:

    ```
     config.cors {
       exposeHeaders (
         X-My-Custom-Header,
         X-Another-Custom-Header
       )
     }

    ```
- Set maximum age of preflight request result:

    ```
      config.cors {
        // 10 minutes
        maxAge = 600
      }

    ```
- Set maximum age via some `stdWrap` processing:

    ```
      config.cors {
        maxAge.stdWrap.cObject = TEXT
        maxAge.stdWrap.cObject {
          value = 600
        }
      }

    ```

Issues
------

[](#issues)

Found a bug? Need a feature? Let us know through our [issue tracker](https://github.com/pagemachine/cors/issues).

Testing
-------

[](#testing)

All tests can be executed with the shipped Docker Compose definition:

```
docker-compose run --rm app composer build

```

###  Health Score

35

—

LowBetter than 79% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity24

Limited adoption so far

Community15

Small or concentrated contributor base

Maturity67

Established project with proven stability

 Bus Factor1

Top contributor holds 96.7% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~63 days

Recently: every ~158 days

Total

21

Last Release

2926d ago

Major Versions

1.3.1 → 2.0.02016-04-13

PHP version history (3 changes)1.2.2PHP &gt;=5.3

2.0.1PHP ^5.6 | ^7.0

2.0.4PHP ^5.6 || ^7.0

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/10812548?v=4)[Pagemachine AG](/maintainers/pagemachine)[@pagemachine](https://github.com/pagemachine)

---

Top Contributors

[![mbrodala](https://avatars.githubusercontent.com/u/5037116?v=4)](https://github.com/mbrodala "mbrodala (291 commits)")[![renovate-bot](https://avatars.githubusercontent.com/u/25180681?v=4)](https://github.com/renovate-bot "renovate-bot (6 commits)")[![ducrot](https://avatars.githubusercontent.com/u/3525119?v=4)](https://github.com/ducrot "ducrot (2 commits)")[![jwundrak](https://avatars.githubusercontent.com/u/2864042?v=4)](https://github.com/jwundrak "jwundrak (2 commits)")

---

Tags

corsphptypo3typo3-extensioncorstypo3

###  Code Quality

TestsPHPUnit

### Embed Badge

![Health badge](/badges/pagemachine-cors/health.svg)

```
[![Health](https://phpackages.com/badges/pagemachine-cors/health.svg)](https://phpackages.com/packages/pagemachine-cors)
```

###  Alternatives

[asm89/stack-cors

Cross-origin resource sharing library and stack middleware

1.3k180.6M24](/packages/asm89-stack-cors)[fruitcake/php-cors

Cross-origin resource sharing library for the Symfony HttpFoundation

311242.1M35](/packages/fruitcake-php-cors)[typo3/testing-framework

The TYPO3 testing framework provides base classes for unit, functional and acceptance testing.

675.0M775](/packages/typo3-testing-framework)[aoe/restler

A TYPO3-Extension, that integrates the popular PHP REST-framework Restler in TYPO3.

3177.5k1](/packages/aoe-restler)[pagemachine/typo3-formlog

Form log for TYPO3

23225.3k6](/packages/pagemachine-typo3-formlog)[leuchtfeuer/secure-downloads

"Secure Download": Apply TYPO3 access rights to ALL file assets (PDFs, TGZs or JPGs etc. - configurable) - protect them from direct access.

22234.7k1](/packages/leuchtfeuer-secure-downloads)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)