A simple way to add CORs headers to legacy apps:

But first, some definitions of what CORs and CORs preflight requests are:

"Cross-Origin Resource Sharing (CORS) is an HTTP-header based mechanism that allows a server to indicate any other origins (domain, scheme, or port) than its own from which a browser should permit loading of resources. CORS also relies on a mechanism by which browsers make a “preflight” request to the server hosting the cross-origin resource, in order to check that the server will permit the actual request. In that preflight, the browser sends headers that indicate the HTTP method and headers that will be used in the actual request."

"CORS does not protect your server. CORS attempts to protect your users by telling browsers what the restrictions should be on sharing responses with other domains. Normally this kind of sharing is utterly forbidden, so CORS is a way to poke a hole in the browser's normal security policy. These holes should be as small as possible, so always check the HTTP_ORIGIN against some kind of internal list."

CORs preflight request:
"A CORS preflight request is a CORS request that checks to see if the CORS protocol is understood and a server is aware using specific methods and headers."

"The Access-Control-Allow-Headers response header is used in response to a preflight request which includes the Access-Control-Request-Headers to indicate which HTTP headers can be used during the actual request."

Note, developer tools will not show CORs preflight requests.

Now to the code:

function addCORSHeaders()
        // cors preflight check; doesn't care about content, just headers and status
        header('Access-Control-Allow-Origin: *');
        header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE, PATCH, OPTIONS');
        header('Access-Control-Allow-Headers: X-Requested-With, Content-Type, Accept, Origin, Authorization');
        // cache of cors preflight check; max varies by browser; some only 10min, some 24hr
        header('Access-Control-Max-Age: 86400');
        header('Content-Length: 0');
        header('Content-Type: text/plain');
        // HTTP/1.1 or HTTP/1.0 or HTTPS/2.0 or etc
        header($_SERVER['SERVER_PROTOCOL'] . ' 200 OK');

    // if can, allow just your or allow just subdomains *
    // but if have multiple shared apps/domains, * allow from anywhere
    header('Access-Control-Allow-Origin: *');

Add a function/method call to addCORSHeaders() to your middleware, or before your output.

Note, If your app has authentication, don't forget to allow OPTIONS as unauthenticated, like your login page.

You can check the network response to see the added headers in browsers developer tools.  

But as developer tools do not show CORs preflight requests, you may have to log access or trace using xdebug.

-End of Document-
Thanks for reading


"Xdebug is an extension for PHP, and provides a range of features to improve the PHP development experience. Step Debugging A way to step through your code in your IDE or editor while the script is executing."


Install following the instructions from

php.ini settings that worked for me:


xdebug.remote_enable = 1
xdebug.remote_autostart = 0
xdebug.remote_host =
xdebug.remote_port = 9072
xdebug.idekey = "PHPSTORM"
xdebug.profiler_enable = 0

 Enabling PHP xdebug is fairly simple, just add arguments to your PHP call

> php -d -dxdebug.remote_enable=1 -dxdebug.remote_autostart=1 -dxdebug.idekey=PHPSTORM your/script.php

The option -d can set/override php.ini values
-d foo[=bar]     Define INI entry foo with value 'bar'

If you are using cmder, which bundles the conemu console
you can add the alias to your users_aliases.cmd


xphp7=C:/laragon/bin/php/php-7.2.28-Win32-VC15-x64/php -d -dxdebug.remote_enable=1 -dxdebug.remote_autostart=1 -dxdebug.idekey=PHPSTORM $*

php7=C:/laragon/bin/php/php-7.2.28-Win32-VC15-x64/php  $*

And use as
> xphp7 slimapp/cli.php arg1 arg2=test

Reference: Slim PHP CLI

-End of Document-
Thanks for reading

To change the bash prompt on your AWS EC2 instance from the default of 

[ec2-user@ip-10-1-1-1 ~]$


ec2-user@ec2-name /data/cool-app (development=)


read and apply the following bash_profile update:

Note, By default, AWS EC2 does not set /etc/hosts, so use a fixed string in your bash prompt,
or follow the AWS documentation:

Create a temp file with the contents:
> echo '

# change me vars

# use vim
export EDITOR=vim
alias vi="vim"

# allow tab auto complete w/ sudo
if [[ "$HOME" == "/home/ec2-user" ]]; then
  complete -cf sudo

# git status
# existing git file in most distros
if [[ -f $git_prompt ]]; then
    source $git_prompt
    export GIT_PS1_SHOWDIRTYSTATE=true      # + staged, * unstaged
    export GIT_PS1_SHOWUNTRACKEDFILES=true  # % untracked files
    export GIT_PS1_SHOWUPSTREAM="auto"      # < behind, > ahead, <> diverged, = no difference
    export GIT_PS1_SHOWSTASHSTATE=true      # $ something is stashed
unset git_prompt

# export PS1="[\u@\h \W]\$" # default
PS1="\u@${ec2_name} "
if [ $git_status = "y" ]; then
    PS1+=" \[\033[0;32m\]\$(__git_ps1 '\''(%s)'\'')\[\033[00m\]"
PS1+="\n\[\033[0;32m\]└─►\[\033[00m\] "
export PS1


export PATH

alias git-log="git log --pretty=oneline"
alias git-preview-files="git fetch; git diff --name-only HEAD..@{u}"
alias git-preview-diff="git fetch; git diff HEAD..@{u}"

' >

Note, '\'' = '

Update ec2_name="ec2name" to the name of your ec2 ie super-cool-service
> vim

Append to existing bash profile
# using sed
> sed -i '/# User specific environment and startup programs/ r' ~/.bash_profile

# or edit and add to the end
> vim ~/.bash_profile

Test and see results
> source ~/.bash_profile

ec2-user@ec2-name /data/cool-app (development=)

Source: GitHub gist
-End of Document-
Thanks for reading

Sometimes you want to know how long a script took and how much memory it consumed.

Run Time and Memory used can also be useful if tracked overtime, for example in:

  • cron/cli scripts
  • web requests
  • api requests

While tools such as New Relic (paid), DataDog (paid), NetData (opensource), Prometheus (opensource) could be used, sometimes a simpler local solution is all that is needed.

Here is a simple Trait to extend your classes with


namespace App\Traits;

trait Stats
    private $timer_start;
    private $timer_finish;

    public function statsTimerStart()
        $this->timer_start = microtime(true);

    public function statsTimerFinish()
        $this->timer_finish = microtime(true);

    public function statsTimerRuntime()
        if (empty($this->timer_finish)) {

        $runtime = $this->timer_finish - $this->timer_start;
        return gmdate('H:i:s', $runtime);

    public function statsMemoryUsed()
        $memory_used = memory_get_peak_usage(true);

        return $this->statsFormatBytes($memory_used);

    public function statsFormatBytes(int $bytes, int $precision = 2)
        $units = ['B', 'KB', 'MB', 'GB', 'TB', 'PB'];
        $unit_index = 0;

        while ($bytes > 1024) {
            $bytes /= 1024;
        return round($bytes, $precision) . $units[$unit_index];


Basic usage:


.. do stuff ..

log 'stuff processed in ' . $this->statsTimerRuntime() . ' using ' . $this->statsMemoryUsed();

github gist

-End of Document-
Thanks for reading