30 open-source projects similar to barryvdh/laravel-cors, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Laravel Cors alternative.
This project is a CORS header manager and security plugin for Laravel. It functions as middleware that adds Cross-Origin Resource Sharing headers to HTTP responses to control how external domains access a Laravel backend. The software manages cross-origin request policies by defining allowed origins, methods, and headers. It handles pre-flight requests and allows for the restriction of sharing policies based on specific routes. The package provides API access control and cross-domain resource sharing by integrating custom header logic into the Laravel request lifecycle.
This is a Node.js middleware for Express and Node.js servers that manages Cross-Origin Resource Sharing policies. It functions as a policy manager and origin validator to define which origins, HTTP methods, and headers are permitted to access server resources. The project provides mechanisms for dynamic origin validation, allowing request origins to be checked against custom logic or databases. It also acts as an HTTP preflight request handler to process OPTIONS requests and verify server permissions before complex cross-site interactions occur. Its capability surface covers the management o
django-cors-headers is a Django application utility for managing cross-origin resource sharing. It adds HTTP headers to responses so web browsers can permit cross-origin requests from specified external domains. The project provides tools for defining which external domains, HTTP methods, and headers are permitted to access an API. It supports restricting allowed origins through static lists and regular expressions, and it enables the transmission of cookies and authentication credentials for cross-site session handling. Additional capabilities include API access control to limit cross-origi
django-cors-headers is a middleware for Django that manages Cross-Origin Resource Sharing headers to control which external domains can access server resources. It serves as a security component for enforcing access control policies through origin validation and header management. The project provides capabilities for origin whitelisting using hostnames or regular expressions and supports the Local Network Access specification to permit requests from private networks. It allows for granular control via path-based restrictions and dynamic origin validation driven by a signal system. The softw
This project is a self-hosted WebDAV file server and HTTP file manager that exposes a local file system for remote access and management. It functions as a private cloud storage solution, enabling users to perform file synchronization and automated network backups across different platforms and devices. The server includes built-in security to mitigate brute-force attacks by using middleware to block IP addresses after repeated failed authentication attempts. It also provides cross-origin resource sharing configuration to regulate how external web applications interact with the server. The s
This project is a Node.js HTTP proxy server that enables cross-domain API requests from browsers by injecting Cross-Origin Resource Sharing headers into HTTP responses. It functions as a reverse proxy gateway and header manipulator, allowing for the interception and modification of traffic between a client and a target server. The proxy provides mechanisms to bypass browser same-origin policy restrictions through automated header injection. It includes capabilities for origin-based rate limiting and request interception to control traffic flow and prevent unauthorized usage of the proxy servi
Payload is a headless content management system and application framework that uses a code-first approach to define data schemas and administrative interfaces. By utilizing a centralized, type-safe configuration object, it automatically generates database schemas, API endpoints, and a fully customizable admin panel. The system is built on a database-agnostic architecture, allowing it to interface with various storage engines while providing a unified, type-safe API for server-side operations, REST, and GraphQL. What distinguishes Payload is its deep extensibility and developer-centric design.
Hono is a minimal JavaScript HTTP framework designed for building web servers across multiple runtimes, including Node.js, edge runtimes, and serverless platforms. It functions as a cross-runtime web server and a web standard API wrapper, normalizing various runtime request and response objects into standard Web API signatures. The project serves as an HTTP middleware orchestrator and request handler, utilizing a middleware-based request pipeline and hierarchical route mounting to create modular server structures. It distinguishes itself through a runtime-agnostic event wrapper that ensures c
This project is an integration framework that bootstraps Apache Dubbo remote procedure call services within Spring Boot applications. It serves as a microservice communication framework that enables the implementation of RPC services, service discovery, and distributed governance through automated configuration. The project distinguishes itself by providing a cross-language RPC bridge, allowing services written in different languages to communicate via standards such as gRPC and Protobuf. It further enables the exposure of backend microservices as REST endpoints using the Triple protocol for
RuoYi-Vue3 is a full-stack administrative dashboard and permission management framework built with SpringBoot and Vue 3. It serves as an enterprise management backend providing a decoupled architecture that separates the API from the user interface. The project features a low-code CRUD generator that automatically produces frontend and backend boilerplate code and API documentation from database tables. It implements a comprehensive role-based access control system for managing users, departments, and granular permissions at the menu and button levels, secured by stateless JSON Web Token auth
This project is a programmatic HTML form builder and element generator for PHP, designed as a component library for the Laravel Blade templating engine. It provides a fluent interface to create structured HTML markup and attributes, allowing developers to generate web interface elements through code rather than writing raw markup. The library focuses on the dynamic construction of web forms and input fields. It enables the programmatic definition of form structures and attributes based on application logic, which helps maintain cleaner templates within the Laravel framework.
This package provides a framework for receiving, verifying, and processing incoming webhooks within Laravel applications. It acts as a consumer for event streams, utilizing middleware to intercept HTTP requests, validate their authenticity through cryptographic signature verification, and route payloads to dedicated background jobs. The system distinguishes itself by offering granular control over multiple external service integrations, allowing developers to define unique configurations and endpoints for each provider. It ensures reliable operations by persisting raw request headers and payl
Statamic is a content management system built on Laravel that utilizes a flat-file storage approach instead of a traditional relational database. It functions as a customizable administrative framework for managing site content and developing custom backend addons. The system stores website data in files and integrates with Git for versioning, allowing content changes to be tracked and rolled back through a repository. It employs a templating engine to transform structured data into dynamic HTML layouts for front-end rendering. The platform includes a control panel built as a single-page app
docker-socket-proxy is an HAProxy-based security proxy that filters and controls access to the Docker API. It acts as a security layer between containers and the Docker socket to restrict API operations based on specific paths and methods. The proxy uses environment variables to enable or disable specific API endpoints and to grant or revoke permissions for various API sections. It can enforce read-only access by restricting the API to only allow GET and HEAD requests, returning a forbidden status for unauthorized actions. The project provides capabilities for path-based request filtering, c
node-oauth2-server is an OAuth2 server implementation for Node.js that functions as an authorization provider. It enables the creation of a centralized server to manage client registration and issue access tokens for third-party applications using the OAuth2 protocol. The project operates as Node.js middleware, integrating authorization logic directly into web application request pipelines. It provides a bearer token validator to verify identity and permissions by checking security tokens within incoming HTTP request headers. The system covers API access control, token management, and user a
Hydra is a headless identity server that functions as a certified OAuth2 and OpenID Connect provider. It is designed as an authentication engine that manages authorization handshakes and token lifecycles while remaining decoupled from the user interface. The project distinguishes itself through a headless architecture, allowing external management of login and consent flows. It provides specialized capabilities for dynamic client registration, JSON Web Token issuance, and a system for rotating encryption secrets without service downtime. The system covers a broad range of identity operations
This project provides a queue driver that integrates RabbitMQ as a message broker within the Laravel framework. It acts as a bridge between the application and the broker, enabling asynchronous task offloading and distributed system integration by mapping framework-specific job dispatching commands to the native AMQP protocol. The driver is designed to be compatible with the native dashboard interface for monitoring and managing background jobs. It supports high-volume job processing through persistent connection streaming, which maintains long-lived network sockets to the broker to reduce la
GoTrue is a JWT identity provider and user management API. It functions as an OAuth 2.0 compliant server that handles user registration and authentication while issuing signed JSON Web Tokens to control access to protected API resources. The service integrates external identity providers to allow users to sign in using third-party accounts. It also includes an SMTP notification service for delivering password resets, signup confirmations, and account recovery emails. The system covers broader capabilities for user account management, including the ability to update user profiles and manage c
This is a code formatter for Blade template files that standardizes indentation and spacing within the VS Code editor. It functions as a template formatter and HTML attribute sorter that cleans up syntax and layout based on custom or opinionated style rules. The tool differentiates itself by automatically organizing HTML attributes and sorting Tailwind CSS utility classes into a predictable order. It uses a JSON-configurable system to load project-specific rules and exclusion lists, enabling teams to synchronize code styles and prevent version control conflicts. Broad capabilities include ma
collect.js is a dependency-free JavaScript library that provides a fluent, chainable interface for manipulating arrays and objects. It mirrors the Laravel Collection API, offering a consistent set of methods for data transformation across JavaScript and Laravel backend environments. The library stores collection data as plain arrays internally and supports fluent method chaining, where each method returns a new collection instance. The library distinguishes itself by closely replicating the Laravel Collection API in JavaScript, mapping each PHP method to an equivalent JavaScript implementatio
Zuul is an API gateway service that manages incoming network traffic to backend services. It serves as a routing layer and edge security proxy that provides centralized control over security and monitoring for microservices. The project implements a dynamic request router that maps incoming paths to backend locations using configurable rules that can be updated at runtime. It also includes a circuit breaker implementation to monitor backend failure rates and stop traffic to failing services to prevent cascading outages. The gateway provides a filter-based request pipeline for processing traf
This project is a PHP library for implementing a spec-compliant OAuth 2.0 authorization server. It serves as an authentication framework for managing user identities and client authorizations, providing the necessary components to issue and validate access and refresh tokens. The server supports a wide range of standardized authorization flows, including authorization code exchange, device grants, implicit flows, and PKCE enforcement. It handles complex token lifecycles through refresh token rotation, scope management, and the use of asymmetric keys for signing digital tokens. The system pro
Ziggy is a frontend route bridge and JavaScript route resolver that allows Laravel route names and parameters to be used within JavaScript and TypeScript environments. It serves as a synchronization layer that exports backend route configurations to frontend assets, ensuring that frontend navigation remains in sync with backend route definitions. The project provides a TypeScript route type generator that produces strict type definitions for route names and parameters to enable IDE autocompletion. It includes a route exposure filtering system that uses inclusion and exclusion patterns to cont
This project is a Chromium-based mobile browser and rendering engine designed for mobile platforms. It functions as a web extension host, allowing the execution of browser extensions within a mobile environment to provide custom functionality. The project distinguishes itself through custom user interface modifications, such as the implementation of a specialized night mode and the relocation of the address bar for improved ergonomics. It also includes a remote debugging interface and protocol that allow an external developer console to connect to a live browser instance for inspecting and tr
This project is an integration package that provides an administrative dashboard template for applications built with the Laravel framework. It functions as a visual layer and theme to establish a consistent layout for internal management tools. The package includes a navigation manager that allows the layout and links of sidebars and menus to be controlled from a single configuration source. It also provides tools to style authentication screens, such as login and registration pages, to ensure they match the overall aesthetic of the administration interface. The system covers administrative
kops is a Kubernetes cluster provisioner and lifecycle manager designed to automate the creation, maintenance, and destruction of production-grade clusters on cloud infrastructure. It functions as a declarative infrastructure manager, synchronizing the live state of a cluster with versioned manifests stored in remote object storage to ensure idempotent operations. The project distinguishes itself by offering comprehensive automation for the entire cluster lifecycle, including high-availability control plane deployment, incremental rolling updates, and automated version upgrades. It also serve
Larastan is a static analysis extension and type inference engine for PHP designed to detect bugs and type errors in Laravel applications. It extends PHPStan to resolve framework-specific patterns and magic methods, providing a rule-based scanning engine to audit code quality without executing the application. The tool specializes in Eloquent analysis, verifying that model properties, casts, and relationships align with database schemas and migrations. It tracks types across Eloquent collections, custom builders, and model factories to ensure type safety during database operations and iterati
Doorkeeper is an OAuth 2 authorization server and provider for Ruby on Rails and Grape applications. It provides the necessary framework to build an authorization server that issues and validates security tokens for third-party applications, effectively acting as a security middleware to protect API endpoints. The project integrates an identity layer via OpenID Connect to verify user identities and retrieve profile information. It supports a variety of security patterns, including the implementation of the PKCE flow for public clients and the issuance of stateless JSON Web Tokens. Its broade
This repository contains the HTML specification, which defines the core standards for web page structuring, content organization, and document rendering. It establishes the fundamental algorithms for state-machine-based tokenization, tree construction for the document object model, and origin-based security isolation. The specification provides a framework for defining custom elements with independent lifecycles and registries. It also details the requirements for cross-document communication, session history management, and the synchronization of interface properties with content attributes.