Weave Code
Code Weaver
Helps Laravel developers discover, compare, and choose open-source packages. See popularity, security, maintainers, and scores at a glance to make better decisions.
Feedback
Share your thoughts, report bugs, or suggest improvements.
Subject
Message
Log in Register
Home
Packages
Laravel Cors
Assessments

Laravel Cors Laravel Package

fruitcake/laravel-cors

Laravel middleware to handle Cross-Origin Resource Sharing (CORS). Configure allowed origins, methods, headers, credentials, and exposed headers via a config file. Adds proper CORS response headers and supports preflight OPTIONS requests for APIs and SPAs.

View on GitHub
Deep Wiki
Context7

Technical Evaluation

Architecture fit is strong for Laravel applications requiring CORS headers, as it implements standard middleware-based handling and aligns with Laravel's request lifecycle. Integration feasibility is high for Laravel 6-9 versions per composer.json constraints but fails for Laravel 10+ due to unsupported dependencies. Technical risk is high due to the repository being officially archived (no active maintenance), lack of recent releases since 2022, and potential unaddressed security vulnerabilities. Key questions: Are there active community forks addressing Laravel 10+ compatibility? Has the package been audited for security issues in recent years? What is the recommended alternative for new projects?

Integration Approach

Stack fit is optimal for Laravel 6-9 but incompatible with Laravel 10+ due to illuminate/support version constraints. Migration path for existing projects requires careful version alignment: projects on Laravel 6-9 can integrate via composer require fruitcake/laravel-cors and publish config, but must avoid future Laravel upgrades. For new projects, this package should not be used—alternative packages like spatie/laravel-cors or Laravel's native CORS handling (via api middleware) are safer choices. Sequencing would involve installing, configuring origins/patterns in config/cors.php, and adding middleware to kernel, but this is only viable for legacy Laravel 6-9 systems.

Operational Impact

Maintenance burden is significant due to the archived status—no official patches for bugs, security flaws, or new Laravel features. Support relies entirely on community forums (e.g., GitHub issues), which may be slow or inactive. Scaling is generally low-risk for traffic as CORS headers are lightweight, but unaddressed memory leaks (like the Octane-related fix in v2.0.4) could resurface in high-load environments. Failure modes include misconfigured CORS policies blocking legitimate requests or exposing security vulnerabilities if headers are improperly set. Ramp-up is simple for basic use cases but becomes complex for advanced scenarios due to outdated documentation and lack of official support for modern Laravel versions.

Weaver

How can I help you explore Laravel packages today?

Conversation history is not saved when not logged in.
Prompt
Add packages to context
No packages found.
davejamesmiller/laravel-breadcrumbs
artisanry/parsedown
christhompsontldr/phpsdk
enqueue/dsn
bunny/bunny
enqueue/test
enqueue/null
enqueue/amqp-tools
milesj/emojibase
bower-asset/punycode
bower-asset/inputmask
bower-asset/jquery
bower-asset/yii2-pjax
laravel/nova
spatie/laravel-mailcoach
spatie/laravel-superseeder
laravel/liferaft
nst/json-test-suite
danielmiessler/sec-lists
jackalope/jackalope-transport