PHP yii\filters Cors Examples

Programming Language: PHP

Namespace/Package Name: yii\filters

Class/Type: Cors

Examples at hotexamples.com: 28

PHP yii\filters Cors - 28 examples found. These are the top rated real world PHP examples of yii\filters\Cors extracted from open source projects. You can rate examples to help us improve the quality of examples.

Frequently Used Methods

Show Hide

className(28)

Make sure to read carefully what CORS does and does not. CORS do not secure your API, but allow the developer to grant access to third party code (ajax calls from external domain). You may use CORS filter by attaching it as a behavior to a controller or module, like the following, php public function behaviors() { return [ 'corsFilter' => [ 'class' => \yii\filters\Cors::className(), ], ]; } The CORS filter can be specialized to restrict parameters, like this, MDN CORS Information php public function behaviors() { return [ 'corsFilter' => [ 'class' => \yii\filters\Cors::className(), 'cors' => [ restrict access to 'Origin' => ['http://www.myserver.com', 'https://www.myserver.com'], 'Access-Control-Request-Method' => ['POST', 'PUT'], Allow only POST and PUT methods 'Access-Control-Request-Headers' => ['X-Wsse'], Allow only headers 'X-Wsse' 'Access-Control-Allow-Credentials' => true, Allow OPTIONS caching 'Access-Control-Max-Age' => 3600, Allow the X-Pagination-Current-Page header to be exposed to the browser. 'Access-Control-Expose-Headers' => ['X-Pagination-Current-Page'], ], ], ]; } For more information on how to add the CORS filter to a controller, see the Guide on REST controllers.

Since: 2.0

Author: Philippe Gaultier (pgaultier@gmail.com)

Inheritance: extends yii\base\ActionFilter

Cors Class Documentation

Example #1

Show file

File: SecureActiveController.php Project: kuznetsov0209/mercdev-soccer-server

 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['authenticator'] = ['class' => HttpBearerAuth::className(), 'except' => ['options']];
     $behaviors['corsFilter'] = ['class' => Cors::className()];
     return $behaviors;
 }

Example #2

Show file

File: Controller.php Project: VictorGub/yii2-swagger

 public function behaviors()
 {
     // Options Request Behavior must going at first because swagger makes OPTIONS requests before POST
     // and this behavior must run early than VerbsFilter
     $behaviors = ['optionsRequestFilter' => OptionsRequestFilter::className()];
     $behaviors = array_merge($behaviors, parent::behaviors(), ['contentNegotiator' => ['class' => ContentNegotiator::className(), 'formats' => ['application/json' => Response::FORMAT_JSON]], 'corsFilter' => Cors::className(), 'authenticator' => QueryParamAuthSwagger::className()]);
     return $behaviors;
 }

Example #3

Show file

File: NestedActiveController.php Project: shaan360/Yii2_foundation-apps

 public function behaviors()
 {
     $behaviors = parent::behaviors();
     // SEE https://github.com/yiisoft/yii2/pull/8626
     //$behaviors['corsFilter'] = [
     $behaviors[0] = ['class' => \yii\filters\Cors::className(), 'cors' => ['Origin' => ['*'], 'Access-Control-Request-Method' => ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'HEAD', 'OPTIONS'], 'Access-Control-Request-Headers' => ['*'], 'Access-Control-Allow-Credentials' => true, 'Access-Control-Expose-Headers' => ['Link', 'X-Pagination-Current-Page', 'X-Pagination-Page-Count', 'X-Pagination-Per-Page', 'X-Pagination-Total-Count']]];
     //$behaviors['authenticator'] = [
     $behaviors[1] = ['class' => \yii\filters\auth\HttpBearerAuth::className(), 'except' => ['options']];
     return $behaviors;
 }

Example #4

Show file

File: SiteController.php Project: shinzero999/Eveda-yii

 /**
  * @inheritdoc
  */
 public function behaviors()
 {
     $self = $this;
     return ['access' => ['class' => AccessControl::className(), 'only' => ['logout', 'signup'], 'rules' => [['actions' => ['signup'], 'allow' => true, 'roles' => ['?']], ['actions' => ['logout'], 'allow' => true, 'roles' => ['@']]], 'denyCallback' => function ($rule, $action) use($self) {
         if ('signup' == $action->id) {
             return $self->afterLogin();
         } else {
             return $self->redirect(['site/index']);
         }
     }], 'verbs' => ['class' => VerbFilter::className(), 'actions' => []], 'corsFilter' => ['class' => \yii\filters\Cors::className()]];
 }

Example #5

Show file

File: RestController.php Project: hustshenl/yii2-ucenter

 public function behaviors()
 {
     $behaviors = parent::behaviors();
     if ($this->jsonCallback) {
         $behaviors['contentNegotiator']['formats']['*/*'] = Response::FORMAT_JSONP;
         $behaviors['contentNegotiator']['formats']['application/xml'] = Response::FORMAT_JSONP;
         $behaviors['contentNegotiator']['formats']['application/json'] = Response::FORMAT_JSONP;
     } else {
         $behaviors['contentNegotiator']['formats']['*/*'] = Response::FORMAT_JSON;
         $behaviors['contentNegotiator']['formats']['application/xml'] = Response::FORMAT_JSON;
         $behaviors['contentNegotiator']['formats']['application/json'] = Response::FORMAT_JSON;
     }
     $behaviors['corsFilter'] = ['class' => yii\filters\Cors::className(), 'cors' => Yii::$app->params['cors']];
     return $behaviors;
 }

Example #6

Show file

File: UserController.php Project: ninetor/newerp

 public function behaviors()
 {
     $behaviors = parent::behaviors();
     //        $behaviors['corsFilter'] =
     //            [
     //                    'class' => Cors::className(),
     //                    'cors' => [
     //                        'Origin' => ['http://erp.local'],
     //                        'Origin' => ['*'],
     //                        'Access-Control-Request-Method' => ['GET', 'HEAD', 'OPTIONS'],
     //                    ],
     //            ];
     $behaviors['cors'] = ['class' => Cors::className()];
     return $behaviors;
 }

Example #7

Show file

File: CommoditiesController.php Project: charlesportwoodii/galnet-api

 /**
  * @internal
  * Only allows POST requests to the hook endpoints
  */
 public function behaviors()
 {
     return ['verbs' => ['class' => VerbFilter::className(), 'actions' => ['index' => ['get'], 'view' => ['get']]], 'corsFilter' => ['class' => Cors::className(), 'cors' => ['Origin' => ['*'], 'Access-Control-Request-Method' => ['GET', 'HEAD']]]];
 }

Example #8

Show file

File: FrontendController.php Project: voenniy/yii2-jsonrpc

 public function behaviors()
 {
     return ArrayHelper::merge(parent::behaviors(), ['contentNegotiator' => ['class' => ContentNegotiator::className(), 'formats' => ['application/json' => 'jsonrpc']], 'authenticator' => ['class' => CompositeAuth::className(), 'optional' => ['index'], 'authMethods' => [UserAuth::className(), QueryParamAuth::className(), HttpBearerAuth::className()]], 'corsFilter' => ['class' => Cors::className()]]);
 }

Example #9

Show file

File: SiteController.php Project: sergey-exu/myhome

 public function behaviors()
 {
     return ['corsFilter' => ['class' => \yii\filters\Cors::className(), 'cors' => ['Origin' => ['*'], 'Access-Control-Request-Method' => ['POST'], 'Access-Control-Request-Headers' => ['*']]]];
 }

Example #10

Show file

File: DefaultController.php Project: nguyentuansieu/yii2-mailbox

 /**
  * @var User User for check access.
  */
 public function behaviors()
 {
     return ['verbs' => ['class' => VerbFilter::className(), 'actions' => ['delete' => ['post']]], 'corsFilter' => ['class' => \yii\filters\Cors::className()]];
 }

Example #11

Show file

File: ApiController.php Project: aheart/angularjs-yii2-part-2-authentication

 /**
  * @inheritdoc
  */
 public function behaviors()
 {
     return ['contentNegotiator' => ['class' => ContentNegotiator::className(), 'formats' => ['application/json' => Response::FORMAT_JSON, 'application/xml' => Response::FORMAT_XML]], 'corsFilter' => ['class' => \yii\filters\Cors::className(), 'cors' => ['Origin' => ['*'], 'Access-Control-Request-Method' => ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'HEAD', 'OPTIONS'], 'Access-Control-Request-Headers' => ['Origin', 'X-Requested-With', 'Content-Type', 'Accept', 'Authorization'], 'Access-Control-Allow-Credentials' => true, 'Access-Control-Max-Age' => 86400, 'Access-Control-Expose-Headers' => []]], 'authenticator' => ['class' => HttpBearerAuth::className(), 'only' => ['dashboard']]];
 }

Example #12

Show file

File: UserController.php Project: gorvic/part1.yii2

 public function behaviors()
 {
     return \yii\helpers\ArrayHelper::merge(parent::behaviors(), [['class' => 'yii\\filters\\ContentNegotiator', 'formats' => ['application/json' => Response::FORMAT_JSON]], 'corsFilter' => ['class' => \yii\filters\Cors::className()]]);
 }

Example #13

Show file

File: web.php Project: allhaze/renault

<?php

$config = ['components' => ['assetManager' => ['class' => 'yii\\web\\AssetManager', 'linkAssets' => true, 'appendTimestamp' => YII_ENV_DEV]], 'as locale' => ['class' => 'common\\behaviors\\LocaleBehavior', 'enablePreferredLanguage' => true], 'as corsFilter' => ['class' => \yii\filters\Cors::className(), 'cors' => ['Origin' => array_merge(['https://fr.proxfree.com', 'http://fr.proxfree.com', 'http://proxfree.com', Yii::getAlias('@frontendUrl'), Yii::getAlias('@backendUrl')], explode(',', Yii::getAlias('@frontendUrls')))]]];
if (YII_DEBUG) {
    /* $config['bootstrap'][]      = 'debug';
       $config['modules']['debug'] = [
       'class'      => 'yii\debug\Module',
       'allowedIPs' => ['127.0.0.1', '::1', '192.168.33.1'],
       ]; */
}
if (YII_ENV_DEV) {
    $config['modules']['gii'] = ['allowedIPs' => ['127.0.0.1', '::1', '192.168.33.1']];
}
return $config;

Example #14

Show file

File: BuscadorController.php Project: 2012lucho/TPB

 public function behaviors()
 {
     return ['corsFilter' => ['class' => \yii\filters\Cors::className()]];
 }

Example #15

Show file

File: TagController.php Project: aekkapun/Yii2_foundation-apps

 public function behaviors()
 {
     return ArrayHelper::merge([['class' => Cors::className(), 'cors' => ['Origin' => ['*'], 'Access-Control-Request-Method' => ['GET'], 'Access-Control-Request-Headers' => ['*']]]], parent::behaviors());
 }

Example #16

Show file

File: BaseActiveController.php Project: apmauj/1f8bf10ab74d6f5ca69f7c07b7ee1c38

 /**
  * @inheritdoc
  */
 public function behaviors()
 {
     return ArrayHelper::merge([['class' => Cors::className(), 'cors' => ['Origin' => ['*'], 'Access-Control-Request-Method' => ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'HEAD', 'OPTIONS'], 'Access-Control-Request-Headers' => ['*'], 'Access-Control-Allow-Headers' => ['*'], 'Access-Control-Allow-Credentials' => true, 'Access-Control-Expose-Headers' => ['Link', 'X-Pagination-Current-Page', 'X-Pagination-Page-Count', 'X-Pagination-Per-Page', 'X-Pagination-Total-Count']]], 'authenticator' => ['class' => CompositeAuth::className(), 'except' => $this->authenticatorExceptions, 'authMethods' => [['class' => HttpBearerAuth::className()], ['class' => QueryParamAuth::className(), 'tokenParam' => 'accessToken']]], 'exceptionFilter' => ['class' => ErrorToExceptionFilter::className()]], parent::behaviors());
 }

Example #17

Show file

File: BranchController.php Project: ninetor/newerp

 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['corsFilter'] = ['class' => Cors::className(), 'cors' => ['Origin' => ['http://erp.local']]];
     return $behaviors;
 }

Example #18

Show file

File: ImageController.php Project: aekkapun/Yii2_foundation-apps

 public function behaviors()
 {
     return ArrayHelper::merge([['class' => Cors::className(), 'cors' => ['Origin' => ['*'], 'Access-Control-Request-Method' => ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'HEAD', 'OPTIONS'], 'Access-Control-Request-Headers' => ['*']]]], parent::behaviors());
 }

Example #19

Show file

File: AccountController.php Project: shaan360/Yii2_foundation-apps

 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['authenticator'] = ['class' => HttpBearerAuth::className(), 'only' => ['logout', 'test']];
     return \yii\helpers\ArrayHelper::merge([['class' => \yii\filters\Cors::className(), 'cors' => ['Origin' => ['*'], 'Access-Control-Allow-Origin' => ['*'], 'Access-Control-Request-Method' => $this->_verbs, 'Access-Control-Request-Headers' => ['*']]]], $behaviors);
 }

Example #20

Show file

File: PilotpController ver3.php Project: C12D/advancedapi

 public function behaviors()
 {
     return ArrayHelper::merge(parent::behaviors(), ['authenticator' => ['class' => CompositeAuth::className(), 'authMethods' => [['class' => HttpBearerAuth::className()], ['class' => QueryParamAuth::className()]]], 'bootstrap' => ['class' => ContentNegotiator::className(), 'formats' => ['application/json' => Response::FORMAT_JSON, 'charset' => 'UTF-8'], 'languages' => ['en', 'de']], 'corsFilter' => ['class' => \yii\filters\Cors::className(), 'cors' => ['Origin' => ['http://lukisongroup.com', 'http://lukisongroup.int'], 'Access-Control-Request-Method' => ['POST', 'PUT', 'GET'], 'Access-Control-Request-Headers' => ['X-Wsse'], 'Access-Control-Allow-Credentials' => true, 'Access-Control-Max-Age' => 3600, 'Access-Control-Expose-Headers' => ['X-Pagination-Current-Page']]]]);
 }

Example #21

Show file

File: PlayerController.php Project: kuznetsov0209/mercdev-soccer-server

 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['corsFilter'] = ['class' => Cors::className()];
     return $behaviors;
 }

Example #22

Show file

File: KotaController.php Project: C12D/advancedapi

 public function behaviors()
 {
     return ArrayHelper::merge(parent::behaviors(), ['authenticator' => ['class' => CompositeAuth::className(), 'authMethods' => [['class' => HttpBearerAuth::className()], ['class' => QueryParamAuth::className(), 'tokenParam' => 'access-token']]], 'bootstrap' => ['class' => ContentNegotiator::className(), 'formats' => ['application/json' => Response::FORMAT_JSON]], 'corsFilter' => ['class' => \yii\filters\Cors::className(), 'cors' => ['Origin' => ['http://ptrnov-erp.dev', 'https://ptrnov-erp.dev'], 'Access-Control-Request-Method' => ['POST', 'PUT'], 'Access-Control-Request-Headers' => ['X-Wsse'], 'Access-Control-Allow-Credentials' => true, 'Access-Control-Max-Age' => 3600, 'Access-Control-Expose-Headers' => ['X-Pagination-Current-Page']]]]);
 }

Example #23

Show file

File: SearchController.php Project: romangrb/resource-registry

 public function behaviors()
 {
     return \yii\helpers\ArrayHelper::merge(parent::behaviors(), ['corsFilter' => ['class' => \yii\filters\Cors::className()]]);
 }

Example #24

Show file

File: DefaultController.php Project: alejandrososa/AB

 public function behaviors()
 {
     return ['access' => ['class' => AccessControl::className(), 'rules' => [['actions' => ['acceso-usuario', 'crear-cuenta', 'restablecimiento', 'auth', 'error'], 'allow' => true, 'roles' => ['?']], ['actions' => ['error', 'salir', 'acceso-usuario', 'crear-cuenta', 'auth', 'restablecimiento', 'eliminar-cuenta', 'index', 'publicar-articulo', 'editar', 'eliminar', 'mis-datos', 'mensajes', 'mensaje', 'configuracion', 'favoritos', 'imagenperfil', 'addimagenes', 'delimagenes'], 'allow' => true, 'roles' => ['@']], ['actions' => ['descuentos', 'publicar-descuento', 'subcategos-descuentos'], 'allow' => true, 'roles' => ['admin', 'vendedor', 'empresa', 'empleado']]]], 'verbs' => ['class' => VerbFilter::className(), 'actions' => ['salir' => ['post'], 'imagenperfil' => ['post'], 'auth' => ['get'], 'eliminar-cuenta' => ['post']]], 'corsFilter' => ['class' => \yii\filters\Cors::className(), 'cors' => [], 'actions' => ['salir' => ['Origin' => ['*'], 'Access-Control-Request-Method' => ['POST', 'GET'], 'Access-Control-Request-Headers' => ['*'], 'Access-Control-Allow-Credentials' => null, 'Access-Control-Max-Age' => 86400, 'Access-Control-Expose-Headers' => []], 'acceso-usuario' => ['Origin' => ['*'], 'Access-Control-Request-Method' => ['POST', 'GET'], 'Access-Control-Request-Headers' => ['*'], 'Access-Control-Allow-Credentials' => null, 'Access-Control-Max-Age' => 86400, 'Access-Control-Expose-Headers' => []]]]];
 }

Example #25

Show file

File: JsonController.php Project: hsleonis/basetech

 /**
  * @inheritdoc
  */
 public function behaviors()
 {
     return ['access' => ['class' => AccessControl::className(), 'only' => ['logout', 'signup'], 'rules' => [['actions' => ['signup'], 'allow' => true, 'roles' => ['?']], ['actions' => ['logout'], 'allow' => true, 'roles' => ['@']]]], 'verbs' => ['class' => VerbFilter::className(), 'actions' => ['logout' => ['post']]], 'corsFilter' => ['class' => \yii\filters\Cors::className(), 'cors' => ['Origin' => ['http://192.168.1.55:8080'], 'Access-Control-ReactionGet_landing_sliderquest-Method' => ['GET'], 'Access-Control-Request-Headers' => ['X-Wsse'], 'Access-Control-Allow-Credentials' => true, 'Access-Control-Max-Age' => 3600, 'Access-Control-Expose-Headers' => ['X-Pagination-Current-Page']]]];
 }

Example #26

Show file

File: Controller.php Project: eugene-khorev/yii2-json-rpc-controller

 /**
  * @inheritdoc
  */
 public function behaviors()
 {
     return [['class' => Cors::className(), 'cors' => ['Origin' => $this->accessControlRequestOrigin, 'Access-Control-Request-Headers' => $this->accessControlRequestHeaders, 'Access-Control-Request-Method' => $this->accessControlRequestMethod]], 'contentNegotiator' => ['class' => ContentNegotiator::className(), 'formats' => ['application/json' => Response::FORMAT_JSON, 'text/html' => Response::FORMAT_HTML]]];
 }

Example #27

Show file

File: ReportController.php Project: adem-team/advanced

 public function behaviors()
 {
     return ArrayHelper::merge(parent::behaviors(), ['corsFilter' => ['class' => \yii\filters\Cors::className(), 'cors' => ['Origin' => ['*'], 'Access-Control-Request-Method' => ['POST', 'PUT', 'GET'], 'Access-Control-Request-Headers' => ['X-Wsse'], 'Access-Control-Allow-Credentials' => true, 'Access-Control-Max-Age' => 3600, 'Access-Control-Expose-Headers' => ['X-Pagination-Current-Page']]]]);
 }

Example #28

Show file

File: web.php Project: efabrikov/qreachers

<?php

$config = ['homeUrl' => Yii::getAlias('@apiUrl'), 'controllerNamespace' => 'api\\controllers', 'defaultRoute' => 'sitemap/default/index', 'layout' => false, 'modules' => require __DIR__ . '/_modules.php', 'components' => ['request' => ['cookieValidationKey' => getenv('API_COOKIE_VALIDATION_KEY')], 'user' => ['class' => 'yii\\web\\User', 'identityClass' => 'api\\models\\ApiUserIdentity']], 'as corsFilter' => ['class' => \yii\filters\Cors::className(), 'cors' => ['Origin' => array_merge([Yii::getAlias('@frontendUrl')], explode(',', Yii::getAlias('@frontendUrls')))]]];
if (YII_ENV_DEV) {
    $config['modules']['gii'] = ['class' => 'yii\\gii\\Module', 'generators' => ['crud' => ['class' => 'yii\\gii\\generators\\crud\\Generator', 'messageCategory' => 'api']]];
}
if (YII_ENV_PROD) {
    // Maintenance mode
    $config['bootstrap'] = ['maintenance'];
    $config['components']['maintenance'] = ['class' => 'common\\components\\maintenance\\Maintenance', 'enabled' => function ($app) {
        return $app->keyStorage->get('api_maintenance') === 'true';
    }];
}
return $config;