From 91990ee823b29a8ad56d6a89de955b3c23d06524 Mon Sep 17 00:00:00 2001 From: Matthew Weier O'Phinney Date: Thu, 1 Jun 2017 11:07:56 -0500 Subject: [PATCH] Formatting fixes for README --- README.md | 29 +++++++++++++++-------------- 1 file changed, 15 insertions(+), 14 deletions(-) diff --git a/README.md b/README.md index 6598d0f..e441971 100644 --- a/README.md +++ b/README.md @@ -52,22 +52,23 @@ of -1. This means that this listener is executed AFTER the route has been matche As by default, all the various options are set globally for all routes: - * `allowed_origins`: (array) List of allowed origins. To allow any origin, you can use the wildcard (`*`) character. If - multiple origins are specified, ZfrCors will automatically check the `"Origin"` header's value, and only return the - allowed domain (if any) in the `"Allow-Access-Control-Origin"` response header. To allow any sub-domain, you can prefix - the domain with the wildcard character (i.e. *.example.com). Please note that you don't need to - add your host URI (so if your website is hosted as "example.com", "example.com" is automatically allowed. - * `allowed_methods`: (array) List of allowed HTTP methods. Those methods will be returned for the preflight request to - indicate which methods are allowed to the user agent. You can even specify custom HTTP verbs. - * `allowed_headers`: (array) List of allowed headers that will be returned for the preflight request. This indicates - to the user agent which headers are permitted to be sent when doing the actual request. - * `max_age`: (int) Maximum age (seconds) the preflight request should be cached by the user agent. This prevents the - user agent from sending a preflight request for each request. - * `exposed_headers`: (array) List of response headers that are allowed to be read in the user agent. Please note that - some browsers do not implement this feature correctly. - * `allowed_credentials`: (boolean) If true, it allows the browser to send cookies along with the request. +- `allowed_origins`: (array) List of allowed origins. To allow any origin, you can use the wildcard (`*`) character. If + multiple origins are specified, ZfrCors will automatically check the `"Origin"` header's value, and only return the + allowed domain (if any) in the `"Allow-Access-Control-Origin"` response header. To allow any sub-domain, you can prefix + the domain with the wildcard character (i.e. `*.example.com`). Please note that you don't need to + add your host URI (so if your website is hosted as "example.com", "example.com" is automatically allowed. +- `allowed_methods`: (array) List of allowed HTTP methods. Those methods will be returned for the preflight request to + indicate which methods are allowed to the user agent. You can even specify custom HTTP verbs. +- `allowed_headers`: (array) List of allowed headers that will be returned for the preflight request. This indicates + to the user agent which headers are permitted to be sent when doing the actual request. +- `max_age`: (int) Maximum age (seconds) the preflight request should be cached by the user agent. This prevents the + user agent from sending a preflight request for each request. +- `exposed_headers`: (array) List of response headers that are allowed to be read in the user agent. Please note that + some browsers do not implement this feature correctly. +- `allowed_credentials`: (boolean) If true, it allows the browser to send cookies along with the request. If you want to configure specific routes, you can add `ZfrCors\Options\CorsOptions::ROUTE_PARAM` to your route configuration: + ```php