Weave Code
Code Weaver
Helps Laravel developers discover, compare, and choose open-source packages. See popularity, security, maintainers, and scores at a glance to make better decisions.
Feedback
Share your thoughts, report bugs, or suggest improvements.
Subject
Message
Log in Register
Home
Packages
Laravel Cors
Assessments

Laravel Cors Laravel Package

spatie/laravel-cors

Adds configurable CORS support to Laravel/Lumen: sets CORS headers on responses, handles preflight requests, and lets you define allowed origins, methods, headers, and credentials via middleware and config. Abandoned since Laravel 7+ has native CORS support.

View on GitHub
Deep Wiki
Context7

Product Decisions This Supports

  • Legacy System Maintenance: Justification for adopting this package in Laravel 6 or below to avoid reinventing CORS middleware, reducing development time and technical debt.
  • API Security Compliance: Ensures adherence to CORS policies for cross-origin requests in older Laravel versions where native support is absent.
  • Cost Efficiency: Avoids licensing costs associated with proprietary alternatives, leveraging open-source (MIT license) for budget-conscious projects.
  • Roadmap Deprecation: Aligns with Laravel’s native CORS support (Laravel 7+) by documenting a clear migration path for future-proofing legacy systems.
  • Build vs. Buy: Favors "buy" (open-source) over custom development for low-risk, high-reward CORS implementation in constrained environments.

When to Consider This Package

  • Laravel Version: Only for Laravel 6 or below—native CORS support exists in Laravel 7+ (no need for this package).
  • Use Case Fit: Ideal for legacy APIs or microservices requiring CORS headers with minimal configuration (e.g., preflight support, customizable origins).
  • Avoid When:
    • Using Laravel 7+ (native middleware suffices).
    • Needing advanced CORS logic (e.g., dynamic origin validation, complex credentials handling)—consider custom middleware or frameworks like fruitcake/laravel-cors (active maintenance).
    • Requiring active development (this package is archived; no bug fixes or updates).
    • Building new projects—prioritize native Laravel features or modern alternatives.

How to Pitch It (Stakeholders)

For Executives: "This package resolves CORS compliance for our Laravel 6 API with zero licensing cost and minimal dev effort. By adopting it, we avoid reinventing the wheel, reduce security risks, and future-proof our migration to Laravel 7’s native CORS. A low-risk, high-impact fix for legacy systems."

For Engineering: "For Laravel 6 or below, spatie/laravel-cors provides a battle-tested, configurable CORS middleware (preflight support, custom origins) with zero maintenance overhead. It’s a drop-in solution—install, configure, and forget. Critical caveat: Only use this for legacy systems; Laravel 7+ has built-in CORS. For new projects, leverage native features or active alternatives like fruitcake/laravel-cors."

Weaver

How can I help you explore Laravel packages today?

Conversation history is not saved when not logged in.
Prompt
Add packages to context
No packages found.
hamzi/corewatch
minionfactory/raw-hydrator
hexters/coinpayment
rjcodes/rjcms
act-training/laravel-permissions-manager
alimarchal/laravel-chart-of-accounts
babenkoivan/elastic-scout-driver
mkwebdesign/filament-watchdog-v5
renatomarinho/laravel-page-speed
zedmagdy/filament-business-hours
renatovdemoura/blade-elements-ui
devgeek/beacon-admin
benjamin-rqt/data-watcher-bundle
atriumphp/atrium
sandermuller/package-boost-laravel
sandermuller/boost-skills
redaxo/core
yusufgenc/filament-api-forge
l3aro/rating-star-for-filament
leek/filament-subtenant-scope