Skip to content
docsv0.1.0

CorsDecision

The outcome of a {@see \Milpa\Live\Contracts\Security\CorsPolicyInterface::check()} decision. `$headers` are the CORS response headers to attach when `$allowed` is `true`; they carry no meaning when `$allowed` is `false`, and `$reason` carries no meaning when `$allowed` is `true`.

CorsDecision::__construct()

public function __construct(bool $allowed, array $headers = [], ?string $reason = null):

Parameters

Parameters of __construct()
NameTypeDescription
$allowedboolWhether the caller MUST proceed with the request.
$headersarray<string, string>Response headers to send (e.g. `Access-Control-Allow-Origin`) when `$allowed` is `true`.
$reason(string | null)A short machine-readable denial reason (e.g. `'origin_not_allowed'`) when `$allowed` is `false`.