Initial commit, standalone split-off from asm89/stack-cors

Author: barryvdh

.gitattributes

@@ -0,0 +1,8 @@
+* text=auto
+
+/tests export-ignore
+.github export-ignore
+.gitattributes export-ignore
+.gitignore export-ignore
+phpunit.xml.dist export-ignore
+CHANGELOG.md export-ignore

.github/workflows/run-tests.yml

@@ -0,0 +1,47 @@
+on:
+  push:
+  pull_request:
+  schedule:
+  - cron: '0 0 * * *'
+
+jobs:
+  php-tests:
+    runs-on: ${{ matrix.os }}
+
+    strategy:
+      matrix:
+        php: [7.2, 7.3, 7.4, 8.0, 8.1]
+        symfony: [4.x, 5.x, 6.x]
+        dependency-version: [prefer-lowest, prefer-stable]
+        os: [ubuntu-latest]
+        exclude:
+          - symfony: 6.x
+            php: 7.2
+          - symfony: 6.x
+            php: 7.3
+          - symfony: 6.x
+            php: 7.4
+
+    name: PHP${{ matrix.php }} Symfony${{ matrix.symfony }} - ${{ matrix.os }} - ${{ matrix.dependency-version }}
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v1
+
+    - name: Setup PHP
+      uses: shivammathur/setup-php@v2
+      with:
+        php-version: ${{ matrix.php }}
+        extensions: mbstring
+
+    - name: Install dependencies
+      run: |
+        composer require "symfony/http-foundation:${{ matrix.symfony }}" --no-interaction --no-update
+        composer update --${{ matrix.dependency-version }} --prefer-dist --no-interaction --no-suggest --with-all-dependencies
+
+    - name: Execute Unit Tests
+      run: vendor/bin/phpunit
+
+    - name: Check PSR-12 Codestyle
+      run: vendor/bin/phpcs --standard=psr12 --exclude=Generic.Files.LineLength src/
+      if: matrix.os == 'ubuntu-latest'

.gitignore

@@ -0,0 +1,5 @@
+phpunit.xml
+composer.lock
+composer.phar
+/vendor/
+.phpunit.result.cache

CHANGELOG.md

@@ -0,0 +1,13 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [Unreleased]
+
+### Changed since split from asm89/stack-cors
+
+- Renamed Asm89\Stack namespace to Fruitcake\Cors
+- Removed HttpKernel middleware

LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2013-2017 Alexander <iam.asm89@gmail.com>
+Copyright (c) 2017-2022 Barryvdh <barryvdh@gmail.com>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is furnished
+to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

README.md

@@ -0,0 +1,98 @@
+# Stack/Cors
+## Stand-alone fork of https://github.com/asm89/stack-cors
+
+[![Tests](https://github.com/fruitcake/php-cors/actions/workflows/run-tests.yml/badge.svg)](https://github.com/fruitcake/php-cors/actions/workflows/run-tests.yml)
+[![Packagist License](https://poser.pugx.org/fruitcake/php-corsr/license.png)](http://choosealicense.com/licenses/mit/)
+[![Latest Stable Version](https://poser.pugx.org/fruitcake/php-cors/version.png)](https://packagist.org/packages/fruitcake/php-cors)
+[![Total Downloads](https://poser.pugx.org/fruitcake/php-cors/d/total.png)](https://packagist.org/packages/fruitcake/php-cors)
+[![Fruitcake](https://img.shields.io/badge/Powered%20By-Fruitcake-b2bc35.svg)](https://fruitcake.nl/)
+
+Library and middleware enabling cross-origin resource sharing for your
+http-{foundation,kernel} using application. It attempts to implement the
+[W3C Recommendation] for cross-origin resource sharing.
+
+[W3C Recommendation]: http://www.w3.org/TR/cors/
+
+Build status: ![.github/workflows/run-tests.yml](https://github.com/asm89/stack-cors/workflows/.github/workflows/run-tests.yml/badge.svg)
+
+## Installation
+
+Require `fruitcake/php-cors` using composer.
+
+## Usage
+
+This package can be used as a library. You can use it in your framework using:
+
+ - [Stack middleware](http://stackphp.com/): https://github.com/asm89/stack-cors
+ - [Laravel](https://laravel.com): https://github.com/fruitcake/laravel-cors
+ 
+
+### Options
+
+| Option                 | Description                                                | Default value |
+|------------------------|------------------------------------------------------------|---------------|
+| allowedMethods         | Matches the request method.                                | `[]`          |
+| allowedOrigins         | Matches the request origin.                                | `[]`          |
+| allowedOriginsPatterns | Matches the request origin with `preg_match`.              | `[]`          |
+| allowedHeaders         | Sets the Access-Control-Allow-Headers response header.     | `[]`          |
+| exposedHeaders         | Sets the Access-Control-Expose-Headers response header.    | `false`       |
+| maxAge                 | Sets the Access-Control-Max-Age response header.           | `false`       |
+| supportsCredentials    | Sets the Access-Control-Allow-Credentials header.          | `false`       |
+
+The _allowedMethods_ and _allowedHeaders_ options are case-insensitive.
+
+You don't need to provide both _allowedOrigins_ and _allowedOriginsPatterns_. If one of the strings passed matches, it is considered a valid origin.
+
+If `['*']` is provided to _allowedMethods_, _allowedOrigins_ or _allowedHeaders_ all methods / origins / headers are allowed.
+
+### Example: using the library
+
+```php
+<?php
+
+use Fruitcake\Cors\CorsService;
+
+$cors = new CorsService([
+    'allowedHeaders'         => ['x-allowed-header', 'x-other-allowed-header'],
+    'allowedMethods'         => ['DELETE', 'GET', 'POST', 'PUT'],
+    'allowedOrigins'         => ['http://localhost'],
+    'allowedOriginsPatterns' => ['/localhost:\d/'],
+    'exposedHeaders'         => false,
+    'maxAge'                 => false,
+    'supportsCredentials'    => false,
+]);
+
+$cors->addActualRequestHeaders(Response $response, $origin);
+$cors->handlePreflightRequest(Request $request);
+$cors->isActualRequestAllowed(Request $request);
+$cors->isCorsRequest(Request $request);
+$cors->isPreflightRequest(Request $request);
+```
+
+## Example: using the stack middleware
+
+```php
+<?php
+
+use Fruitcake\Cors\Cors;
+
+$app = new Cors($app, [
+    // you can use ['*'] to allow any headers
+    'allowedHeaders'      => ['x-allowed-header', 'x-other-allowed-header'],
+    // you can use ['*'] to allow any methods
+    'allowedMethods'      => ['DELETE', 'GET', 'POST', 'PUT'],
+    // you can use ['*'] to allow requests from any origin
+    'allowedOrigins'      => ['localhost'],
+    // you can enter regexes that are matched to the origin request header
+    'allowedOriginsPatterns' => ['/localhost:\d/'],
+    'exposedHeaders'      => false,
+    'maxAge'              => false,
+    'supportsCredentials' => false,
+]);
+```
+
+## License
+
+Released under the MIT License, see [LICENSE](LICENSE).
+The original author of this Library is Alexander <iam.asm89@gmail.com>, while Barry <barryvdh@gmail.com> has been involved since 2015.
+This package is split-off from https://github.com/asm89/stack-cors

composer.json

@@ -0,0 +1,42 @@
+{
+    "name": "fruitcake/php-cors",
+    "description": "Cross-origin resource sharing library for the Symfony HttpFoundation",
+    "keywords": ["cors", "symfony", "laravel"],
+    "homepage": "https://github.com/fruitcake/php-cors",
+    "type": "library",
+    "license": "MIT",
+    "authors": [
+        {
+            "name": "Barryvdh",
+            "email": "barryvdh@gmail.com"
+        }
+    ],
+    "require": {
+        "php": "^7.2|^8.0",
+        "symfony/http-foundation": "^4|^5|^6"
+    },
+    "require-dev": {
+        "phpunit/phpunit": "^7|^9",
+        "squizlabs/php_codesniffer": "^3.5"
+    },
+    "autoload": {
+        "psr-4": {
+            "Fruitcake\\Cors\\": "src/"
+        }
+    },
+    "autoload-dev": {
+        "psr-4": {
+            "Fruitcake\\Cors\\Tests\\": "tests/"
+        }
+    },
+    "scripts": {
+        "test": "phpunit",
+        "check-style": "phpcs -p --standard=PSR12 --exclude=Generic.Files.LineLength --runtime-set ignore_errors_on_exit 1 --runtime-set ignore_warnings_on_exit 1 src",
+        "fix-style": "phpcbf -p --standard=PSR12 --exclude=Generic.Files.LineLength --runtime-set ignore_errors_on_exit 1 --runtime-set ignore_warnings_on_exit 1 src"
+    },
+    "extra": {
+        "branch-alias": {
+            "dev-master": "1.0-dev"
+        }
+    }
+}

phpunit.xml.dist

@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<phpunit backupGlobals="false"
+         backupStaticAttributes="false"
+         colors="true"
+         convertErrorsToExceptions="true"
+         convertNoticesToExceptions="true"
+         convertWarningsToExceptions="true"
+         processIsolation="false"
+         stopOnFailure="false"
+>
+  <testsuites>
+    <testsuite name="Fruitcake Cors Test Suite">
+      <directory>./tests</directory>
+    </testsuite>
+  </testsuites>
+
+  <filter>
+    <whitelist>
+      <directory suffix=".php">./src/</directory>
+    </whitelist>
+  </filter>
+
+</phpunit>