├── .gitignore
├── README.md
├── composer.json
├── cors.info.yml
├── cors.routing.yml
├── cors.services.yml
└── src
    ├── Form
        └── AllowCors.php
    └── StackOptionsRequest.php


/.gitignore:
--------------------------------------------------------------------------------
1 | vendor
2 | composer.lock


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | Drupal 8 CORS
 2 | 
 3 | Thanks to the issue (#2303673)[https://github.com/drupal/drupal/commit/5ef912e9659131fd31d1522e3216d37323a0c047] in Drupal 8 now we have a new powerfull component, (StackPHP)[http://stackphp.com] is a middleware for the HttpKernel class, this middleware provide a decorator thas can intercept the request after to touch the Drupal Core.
 4 | 
 5 | ## How to use
 6 | This modulo don't provide UI, only need you turn on.
 7 | 
 8 | ## Installation
 9 | ```bash
10 | $ cd modules/
11 | $ git clone git@github.com:dmouse/cors-drupal8.git cors
12 | $ drush en cors
13 | ```
14 | 
15 | Middleware enabling cross-origin resource sharing for your http-{foundation,kernel} using application.
16 | 
17 | Cross-origin resource sharing (CORS) is a mechanism that allows a web page to make XMLHttpRequests to another domain. Such "cross-domain" requests would otherwise be forbidden by web browsers, per the same origin security policy.
18 | 


--------------------------------------------------------------------------------
/composer.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "name": "drupal/cors",
 3 |   "description": "Enable cors options in Drupal 8",
 4 |   "minimum-stability": "stable",
 5 |   "license": "GLP2",
 6 |   "authors": [
 7 |     {
 8 |       "name": "David Flores",
 9 |       "email": "dmousex@gmail.com"
10 |     }
11 |   ],
12 |   "type": "drupal-module",
13 |   "require": {
14 |     "composer/installers": "~1.0",
15 |     "asm89/stack-cors": "0.2.1"
16 |   },
17 |   "autoload": {
18 |     "psr-4": {
19 |       "Drupal\\cors\\": "src"
20 |     }
21 |   }
22 | }
23 | 


--------------------------------------------------------------------------------
/cors.info.yml:
--------------------------------------------------------------------------------
1 | name: cors
2 | type: module
3 | description: CORS Drupal module
4 | core: 8.x
5 | package: REST
6 | 


--------------------------------------------------------------------------------
/cors.routing.yml:
--------------------------------------------------------------------------------
1 | cors.allow_cors:
2 |   path: '/cors/settings/AllowCors'
3 |   defaults:
4 |     _form: '\Drupal\cors\Form\AllowCors'
5 |     _title: 'AllowCors'
6 |   requirements:
7 |     _permission: 'access administration pages'
8 | 


--------------------------------------------------------------------------------
/cors.services.yml:
--------------------------------------------------------------------------------
1 | services:
2 |   cors.middleware.options:
3 |     class: Drupal\cors\StackOptionsRequest
4 |     arguments: ['@kernel']
5 |     tags:
6 |       - { name: http_middleware, priority: 400 }
7 | 


--------------------------------------------------------------------------------
/src/Form/AllowCors.php:
--------------------------------------------------------------------------------
  1 | <?php
  2 | 
  3 | /**
  4 |  * @file
  5 |  * Contains Drupal\cors\Form\AllowCors.
  6 |  */
  7 | 
  8 | namespace Drupal\cors\Form;
  9 | 
 10 | use Drupal\Core\Form\ConfigFormBase;
 11 | use Drupal\Core\Form\FormStateInterface;
 12 | use Drupal\Core\Config\ConfigFactoryInterface;
 13 | use Symfony\Component\DependencyInjection\ContainerInterface;
 14 | use Drupal\Core\Config\ConfigFactory;
 15 | 
 16 | class AllowCors extends ConfigFormBase
 17 | {
 18 | 
 19 |   /**
 20 |    * Drupal\Core\Config\ConfigFactory definition.
 21 |    *
 22 |    * @var Drupal\Core\Config\ConfigFactory
 23 |    */
 24 |   protected $config_factory;
 25 | 
 26 | 
 27 |   public function __construct(
 28 |     ConfigFactoryInterface $config_factory,
 29 |     ConfigFactory $config_factory
 30 |   ) {
 31 |     parent::__construct($config_factory);
 32 |     $this->config_factory = $config_factory;
 33 |   }
 34 | 
 35 | 
 36 |   public static function create(ContainerInterface $container) {
 37 |     return new static(
 38 |       $container->get('config.factory'),
 39 |       $container->get('config.factory')
 40 |     );
 41 |   }
 42 | 
 43 | 
 44 | 
 45 |   /**
 46 |   * {@inheritdoc}
 47 |   */
 48 |   protected function getEditableConfigNames() {
 49 |     return [
 50 |       'cors.allow_cors_config'
 51 |     ];
 52 |   }
 53 | 
 54 |   /**
 55 |    * {@inheritdoc}
 56 |    */
 57 |   public function getFormID() {
 58 |     return 'allow_cors';
 59 |   }
 60 | 
 61 |   /**
 62 |    * {@inheritdoc}
 63 |    */
 64 |   public function buildForm(array $form, FormStateInterface $form_state) {
 65 |     $config = $this->config('cors.allow_cors_config');
 66 |     $form['allowed_headers'] = array(
 67 |       '#type' => 'textfield',
 68 |       '#title' => $this->t('Allowed headers'),
 69 |       '#description' => $this->t('Allowed headers'),
 70 |       '#default_value' => $config->get('allowed_headers'),
 71 |     );
 72 |     $form['allowed_methods'] = array(
 73 |       '#type' => 'textfield',
 74 |       '#title' => $this->t('Allowed methods'),
 75 |       '#description' => $this->t('Allowed methods'),
 76 |       '#default_value' => $config->get('allowed_methods'),
 77 |     );
 78 |     $form['allowed_origins'] = array(
 79 |       '#type' => 'textfield',
 80 |       '#title' => $this->t('Allowed Origins'),
 81 |       '#description' => $this->t('Allowed origins'),
 82 |       '#default_value' => $config->get('allowed_origins'),
 83 |     );
 84 |     $form['exposed_headers'] = array(
 85 |       '#type' => 'checkbox',
 86 |       '#title' => $this->t('Exposed headers'),
 87 |       '#description' => $this->t('Exposed headers'),
 88 |       '#default_value' => $config->get('exposed_headers'),
 89 |     );
 90 |     $form['max_age'] = array(
 91 |       '#type' => 'checkbox',
 92 |       '#title' => $this->t('Max Age'),
 93 |       '#description' => $this->t('Max age.'),
 94 |       '#default_value' => $config->get('max_age'),
 95 |     );
 96 |     $form['support_credentials'] = array(
 97 |       '#type' => 'checkbox',
 98 |       '#title' => $this->t('Support credentials'),
 99 |       '#description' => $this->t('Support credentials'),
100 |       '#default_value' => $config->get('support_credentials'),
101 |     );
102 | 
103 |     return parent::buildForm($form, $form_state);
104 |   }
105 | 
106 |   /**
107 |    * {@inheritdoc}
108 |    */
109 |   public function validateForm(array &$form, FormStateInterface $form_state) {
110 |     parent::validateForm($form, $form_state);
111 |   }
112 | 
113 |   /**
114 |    * {@inheritdoc}
115 |    */
116 |   public function submitForm(array &$form, FormStateInterface $form_state) {
117 |     parent::submitForm($form, $form_state);
118 | 
119 |     $this->config('cors.allow_cors_config')
120 |       ->set('allowed_headers', $form_state->getValue('allowed_headers'))
121 |       ->set('allowed_methods', $form_state->getValue('allowed_methods'))
122 |       ->set('allowed_origins', $form_state->getValue('allowed_origins'))
123 |       ->set('exposed_headers', $form_state->getValue('exposed_headers'))
124 |       ->set('max_age', $form_state->getValue('max_age'))
125 |       ->set('support_credentials', $form_state->getValue('support_credentials'))
126 |     ->save();
127 |   }
128 | }
129 | 


--------------------------------------------------------------------------------
/src/StackOptionsRequest.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | /**
 4 |  * @file 
 5 |  *   Contains Drupal\cors\StackOptionsRequest.
 6 |  */
 7 | 
 8 | namespace Drupal\cors;
 9 | 
10 | use Symfony\Component\HttpKernel\HttpKernelInterface;
11 | use Symfony\Component\HttpFoundation\Request;
12 | use Asm89\Stack\Cors;
13 | 
14 | /**
15 |  * Wrapper to OPTIONS request.
16 |  */
17 | class StackOptionsRequest implements HttpKernelInterface {
18 | 
19 |   /**
20 |    * The wrapped kernel implementation.
21 |    *
22 |    * @var \Symfony\Component\HttpKernel\HttpKernelInterface
23 |    */
24 |   private $app;
25 | 
26 |   /**
27 |    * Create a new StackOptionsRequest instance.
28 |    *
29 |    * @param  \Symfony\Component\HttpKernel\HttpKernelInterface  $app
30 |    *   Hrrp Kernel.
31 |    */
32 |   public function __construct(HttpKernelInterface $app) {
33 |     $this->app = $app;
34 |   }
35 | 
36 |   /**
37 |    * {@inheritDoc}
38 |    */
39 |   public function handle(Request $request, $type = self::MASTER_REQUEST, $catch = TRUE) {
40 |     $cors = new Cors($this->app, [
41 |       'allowedHeaders'      => ["*"],
42 |       'allowedMethods'      => ['DELETE', 'GET', 'POST', 'PUT'],
43 |       'allowedOrigins'      => ["*"],
44 |       'exposedHeaders'      => false,
45 |       'maxAge'              => false,
46 |       'supportsCredentials' => false,
47 |     ]);
48 | 
49 |     return $cors->handle($request, $type, $catch);
50 |   }
51 | 
52 | }
53 | 


--------------------------------------------------------------------------------