Working with CORS requests
There are several ways to add CORS requests handling capabilities to a Symfony application, the fastest and most flexible solution being the NelmioCorsBundle.
This bundle allows you to enable and configure CORS rules very precisely without having to modify your server configuration. See the documentation for installation and usage instructions.
Example usage with the LexikJWTAuthenticationBundle
1 2 3 4 5 6 7 8
nelmio_cors:
...
paths:
'^/api/':
allow_origin: ['*']
allow_headers: ['*']
allow_methods: ['POST', 'PUT', 'GET', 'DELETE']
max_age: 3600
The important thing to note here is that both the login
and api
firewalls paths (in our example /api/login_check
and /api
) must
be configured to allow CORS requests.
This work, including the code samples, is licensed under a
Creative Commons BY-SA 3.0 license.