fruitcake
diff --git a/‎.github/FUNDING.yml‎
Lines changed: 4 additions & 0 deletions b/‎.github/FUNDING.yml‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎.github/workflows/run-coverage.yml‎
Lines changed: 36 additions & 0 deletions b/‎.github/workflows/run-coverage.yml‎
Lines changed: 36 additions & 0 deletions
diff --git a/‎.github/workflows/run-matcher.yml‎
Lines changed: 33 additions & 0 deletions b/‎.github/workflows/run-matcher.yml‎
Lines changed: 33 additions & 0 deletions
diff --git a/‎.github/workflows/run-tests.yml‎
Lines changed: 15 additions & 10 deletions b/‎.github/workflows/run-tests.yml‎
Lines changed: 15 additions & 10 deletions
diff --git a/‎CHANGELOG.md‎
Lines changed: 20 additions & 2 deletions b/‎CHANGELOG.md‎
Lines changed: 20 additions & 2 deletions
diff --git a/‎README.md‎
Lines changed: 16 additions & 36 deletions b/‎README.md‎
Lines changed: 16 additions & 36 deletions
diff --git a/‎composer.json‎
Lines changed: 14 additions & 7 deletions b/‎composer.json‎
Lines changed: 14 additions & 7 deletions
diff --git a/‎phpunit.xml.dist‎
Lines changed: 6 additions & 17 deletions b/‎phpunit.xml.dist‎
Lines changed: 6 additions & 17 deletions
@@ -0,0 +1,4 @@
+# These are supported funding model platforms
+
+github: barryvdh
+custom: ['https://fruitcake.nl']
@@ -0,0 +1,36 @@
+name: Code Coverage
+
+on:
+  push:
+  pull_request:
+  schedule:
+  - cron: '0 0 * * *'
+
+jobs:
+  php-tests:
+    runs-on: ubuntu-latest
+
+    name: PHP Code Coverage
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v1
+
+    - name: Setup PHP
+      uses: shivammathur/setup-php@v2
+      with:
+        php-version: 8.1
+        extensions: mbstring
+        coverage: pcov
+
+    - name: Install dependencies
+      run: |
+        composer update --prefer-dist --no-interaction --no-suggest --with-all-dependencies
+
+    - name: Check Code Coverage
+      run: vendor/bin/phpunit --verbose --coverage-text --coverage-clover=clover.xml --coverage-html=coverage
+
+    - uses: actions/upload-artifact@v2
+      with:
+        name: coverage
+        path: coverage
@@ -0,0 +1,33 @@
+name: Unit Tests
+
+on:
+  push:
+  pull_request:
+  schedule:
+  - cron: '0 0 * * *'
+
+jobs:
+  php-tests:
+    runs-on: ubuntu-latest
+
+    name: PHPUnit Matcher
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v1
+
+    - name: Setup PHP
+      uses: shivammathur/setup-php@v2
+      with:
+        php-version: 8.1
+        extensions: mbstring
+
+    - name: Configure matchers
+      uses: mheap/phpunit-matcher-action@v1
+
+    - name: Install dependencies
+      run: |
+        composer update --prefer-dist --no-interaction --no-suggest --with-all-dependencies
+
+    - name: Execute Unit Tests
+      run: vendor/bin/phpunit --teamcity
@@ -1,3 +1,5 @@
+name: Unit Tests
+
 on:
   push:
   pull_request:
@@ -10,16 +12,12 @@ jobs:
 
     strategy:
       matrix:
-        php: [7.2, 7.3, 7.4, 8.0, 8.1]
-        symfony: [4.x, 5.x, 6.x]
+        php: [7.4, 8.0, 8.1]
+        symfony: [^4.4, ^5.4, ^6]
         dependency-version: [prefer-lowest, prefer-stable]
         os: [ubuntu-latest]
         exclude:
-          - symfony: 6.x
-            php: 7.2
-          - symfony: 6.x
-            php: 7.3
-          - symfony: 6.x
+          - symfony: ^6
             php: 7.4
 
     name: PHP${{ matrix.php }} Symfony${{ matrix.symfony }} - ${{ matrix.os }} - ${{ matrix.dependency-version }}
@@ -34,14 +32,21 @@ jobs:
         php-version: ${{ matrix.php }}
         extensions: mbstring
 
+    - name: Configure matchers
+      uses: mheap/phpunit-matcher-action@v1
+
     - name: Install dependencies
       run: |
         composer require "symfony/http-foundation:${{ matrix.symfony }}" --no-interaction --no-update
         composer update --${{ matrix.dependency-version }} --prefer-dist --no-interaction --no-suggest --with-all-dependencies
 
     - name: Execute Unit Tests
-      run: vendor/bin/phpunit
+      run: composer test
+
+    - name: Analyse with PHPStan
+      run: composer analyse
+      if: matrix.os == 'ubuntu-latest' && matrix.symfony != '^4.4'
 
     - name: Check PSR-12 Codestyle
-      run: vendor/bin/phpcs --standard=psr12 --exclude=Generic.Files.LineLength src/
-      if: matrix.os == 'ubuntu-latest'
+      run: composer test
+      if: matrix.os == 'ubuntu-latest'
@@ -5,9 +5,27 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
-## [Unreleased]
+## 1.2.0 (2022-02-20)
+
+### Changed
+ - Drop support for PHP 7.2/7.3 and legacy Symfony HttpFoundation versions.
+ - Used TypedProperties instead of manual validation
+ 
+## 1.1.0 (2022-02-20)
+
+### Added
+ - setOptions() method to overwrite or set the options later.
+
+## 1.0.0 (2020-02-19)
 
 ### Changed since split from asm89/stack-cors
 
 - Renamed Asm89\Stack namespace to Fruitcake\Cors
-- Removed HttpKernel middleware
+- Removed HttpKernel middleware
+
+### New Features
+- Allow underscore options (both `allowed_origins` and `allowedOrigins` are allowed)
+- Support wildcard patterns on AllowedOrigins (eg `https://*.example.com` will be converted to an allowedOriginPattern)
+- Validate input (so invalid options are caught immediately)
+- Bump PHPStan to Level 9
+- Ensure 100% Code Coverage
@@ -1,8 +1,9 @@
-# Stack/Cors
-## Stand-alone fork of https://github.com/asm89/stack-cors
+# CORS for PHP (using the Symfony HttpFoundation)
 
-[![Tests](https://github.com/fruitcake/php-cors/actions/workflows/run-tests.yml/badge.svg)](https://github.com/fruitcake/php-cors/actions/workflows/run-tests.yml)
-[![Packagist License](https://poser.pugx.org/fruitcake/php-corsr/license.png)](http://choosealicense.com/licenses/mit/)
+[![Unit Tests](https://github.com/fruitcake/php-cors/actions/workflows/run-tests.yml/badge.svg)](https://github.com/fruitcake/php-cors/actions)
+[![PHPStan Level 9](https://img.shields.io/badge/PHPStan-Level%209-blue)](https://github.com/fruitcake/php-cors/actions)
+[![Code Coverage](https://img.shields.io/badge/CodeCoverage-100%25-brightgreen)](https://github.com/fruitcake/php-cors/actions/workflows/run-coverage.yml)
+[![Packagist License](https://poser.pugx.org/fruitcake/php-cors/license.png)](http://choosealicense.com/licenses/mit/)
 [![Latest Stable Version](https://poser.pugx.org/fruitcake/php-cors/version.png)](https://packagist.org/packages/fruitcake/php-cors)
 [![Total Downloads](https://poser.pugx.org/fruitcake/php-cors/d/total.png)](https://packagist.org/packages/fruitcake/php-cors)
 [![Fruitcake](https://img.shields.io/badge/Powered%20By-Fruitcake-b2bc35.svg)](https://fruitcake.nl/)
@@ -13,8 +14,7 @@ http-{foundation,kernel} using application. It attempts to implement the
 
 [W3C Recommendation]: http://www.w3.org/TR/cors/
 
-Build status: ![.github/workflows/run-tests.yml](https://github.com/asm89/stack-cors/workflows/.github/workflows/run-tests.yml/badge.svg)
-
+> Note: This is a standalone fork of https://github.com/asm89/stack-cors and is compatible with the options for CorsService.
 ## Installation
 
 Require `fruitcake/php-cors` using composer.
@@ -35,16 +35,18 @@ This package can be used as a library. You can use it in your framework using:
 | allowedOrigins         | Matches the request origin.                                | `[]`          |
 | allowedOriginsPatterns | Matches the request origin with `preg_match`.              | `[]`          |
 | allowedHeaders         | Sets the Access-Control-Allow-Headers response header.     | `[]`          |
-| exposedHeaders         | Sets the Access-Control-Expose-Headers response header.    | `false`       |
-| maxAge                 | Sets the Access-Control-Max-Age response header.           | `false`       |
+| exposedHeaders         | Sets the Access-Control-Expose-Headers response header.    | `[]`          |
+| maxAge                 | Sets the Access-Control-Max-Age response header.           | `0`           |
 | supportsCredentials    | Sets the Access-Control-Allow-Credentials header.          | `false`       |
 
 The _allowedMethods_ and _allowedHeaders_ options are case-insensitive.
 
-You don't need to provide both _allowedOrigins_ and _allowedOriginsPatterns_. If one of the strings passed matches, it is considered a valid origin.
+You don't need to provide both _allowedOrigins_ and _allowedOriginsPatterns_. If one of the strings passed matches, it is considered a valid origin. A wildcard in allowedOrigins will be converted to a pattern.
 
 If `['*']` is provided to _allowedMethods_, _allowedOrigins_ or _allowedHeaders_ all methods / origins / headers are allowed.
 
+> Note: Allowing a single static origin will improve cacheability.
+
 ### Example: using the library
 
 ```php
@@ -55,10 +57,10 @@ use Fruitcake\Cors\CorsService;
 $cors = new CorsService([
     'allowedHeaders'         => ['x-allowed-header', 'x-other-allowed-header'],
     'allowedMethods'         => ['DELETE', 'GET', 'POST', 'PUT'],
-    'allowedOrigins'         => ['http://localhost'],
+    'allowedOrigins'         => ['http://localhost', 'https://*.example.com'],
     'allowedOriginsPatterns' => ['/localhost:\d/'],
-    'exposedHeaders'         => false,
-    'maxAge'                 => false,
+    'exposedHeaders'         => ['Content-Encoding'],
+    'maxAge'                 => 0,
     'supportsCredentials'    => false,
 ]);
 
@@ -69,30 +71,8 @@ $cors->isCorsRequest(Request $request);
 $cors->isPreflightRequest(Request $request);
 ```
 
-## Example: using the stack middleware
-
-```php
-<?php
-
-use Fruitcake\Cors\Cors;
-
-$app = new Cors($app, [
-    // you can use ['*'] to allow any headers
-    'allowedHeaders'      => ['x-allowed-header', 'x-other-allowed-header'],
-    // you can use ['*'] to allow any methods
-    'allowedMethods'      => ['DELETE', 'GET', 'POST', 'PUT'],
-    // you can use ['*'] to allow requests from any origin
-    'allowedOrigins'      => ['localhost'],
-    // you can enter regexes that are matched to the origin request header
-    'allowedOriginsPatterns' => ['/localhost:\d/'],
-    'exposedHeaders'      => false,
-    'maxAge'              => false,
-    'supportsCredentials' => false,
-]);
-```
-
 ## License
 
 Released under the MIT License, see [LICENSE](LICENSE).
-The original author of this Library is Alexander <[email protected]>, while Barry <[email protected]> has been involved since 2015.
-This package is split-off from https://github.com/asm89/stack-cors
+
+> This package is split-off from https://github.com/asm89/stack-cors and developed as stand-alone library since 2022
@@ -6,18 +6,23 @@
     "type": "library",
     "license": "MIT",
     "authors": [
+        {
+            "name": "Fruitcake",
+            "homepage": "https://fruitcake.nl"
+        },
         {
             "name": "Barryvdh",
             "email": "[email protected]"
         }
     ],
     "require": {
-        "php": "^7.2|^8.0",
-        "symfony/http-foundation": "^4|^5|^6"
+        "php": "^7.4|^8.0",
+        "symfony/http-foundation": "^4.4|^5.4|^6"
     },
     "require-dev": {
-        "phpunit/phpunit": "^7|^9",
-        "squizlabs/php_codesniffer": "^3.5"
+        "phpunit/phpunit": "^9",
+        "squizlabs/php_codesniffer": "^3.5",
+        "phpstan/phpstan": "^1.4"
     },
     "autoload": {
         "psr-4": {
@@ -30,13 +35,15 @@
         }
     },
     "scripts": {
+        "actions": "composer test && composer analyse && composer check-style",
         "test": "phpunit",
-        "check-style": "phpcs -p --standard=PSR12 --exclude=Generic.Files.LineLength --runtime-set ignore_errors_on_exit 1 --runtime-set ignore_warnings_on_exit 1 src",
-        "fix-style": "phpcbf -p --standard=PSR12 --exclude=Generic.Files.LineLength --runtime-set ignore_errors_on_exit 1 --runtime-set ignore_warnings_on_exit 1 src"
+        "analyse": "phpstan analyse src tests --level=9",
+        "check-style": "phpcs -p --standard=PSR12 --exclude=Generic.Files.LineLength --runtime-set ignore_errors_on_exit 1 --runtime-set ignore_warnings_on_exit 1 src tests",
+        "fix-style": "phpcbf -p --standard=PSR12 --exclude=Generic.Files.LineLength --runtime-set ignore_errors_on_exit 1 --runtime-set ignore_warnings_on_exit 1 src tests"
     },
     "extra": {
         "branch-alias": {
-            "dev-master": "1.0-dev"
+            "dev-main": "1.1-dev"
         }
     }
 }
@@ -1,24 +1,13 @@
 <?xml version="1.0" encoding="UTF-8"?>
-
-<phpunit backupGlobals="false"
-         backupStaticAttributes="false"
-         colors="true"
-         convertErrorsToExceptions="true"
-         convertNoticesToExceptions="true"
-         convertWarningsToExceptions="true"
-         processIsolation="false"
-         stopOnFailure="false"
->
+<phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" backupGlobals="false" backupStaticAttributes="false" colors="true" convertErrorsToExceptions="true" convertNoticesToExceptions="true" convertWarningsToExceptions="true" processIsolation="false" stopOnFailure="false" xsi:noNamespaceSchemaLocation="https://schema.phpunit.de/9.3/phpunit.xsd">
+  <coverage>
+    <include>
+      <directory suffix=".php">./src/</directory>
+    </include>
+  </coverage>
   <testsuites>
     <testsuite name="Fruitcake Cors Test Suite">
       <directory>./tests</directory>
     </testsuite>
   </testsuites>
-
-  <filter>
-    <whitelist>
-      <directory suffix=".php">./src/</directory>
-    </whitelist>
-  </filter>
-
 </phpunit>