Update readme.md

barryvdh · web-flow · commit 8cc9f7e5f1b9 · 2020-05-11T11:29:18.000+02:00
diff --git a/readme.md b/readme.md
@@ -61,55 +61,20 @@ php artisan vendor:publish --tag="cors"
 
 > **Note:** If you are explicitly whitelisting headers, you must include `Origin` or requests will fail to be recognized as CORS.
 
-    
-```php
-<?php
-
-return [
-
-    /*
-     * You can enable CORS for 1 or multiple paths.
-     * Example: ['api/*']
-     */
-    'paths' => [],
-
-    /*
-    * Matches the request method. `[*]` allows all methods.
-    */
-    'allowed_methods' => ['*'],
-
-    /*
-     * Matches the request origin. `[*]` allows all origins. Wildcards can be used, eg `*.mydomain.com`
-     */
-    'allowed_origins' => ['*'],
-
-    /*
-     * Patterns that can be used with `preg_match` to match the origin.
-     */
-    'allowed_origins_patterns' => [],
-
-    /*
-     * Sets the Access-Control-Allow-Headers response header. `[*]` allows all headers.
-     */
-    'allowed_headers' => ['*'],
-
-    /*
-     * Sets the Access-Control-Expose-Headers response header.
-     */
-    'exposed_headers' => false,
-
-    /*
-     * Sets the Access-Control-Max-Age response header.
-     */
-    'max_age' => false,
-
-    /*
-     * Sets the Access-Control-Allow-Credentials header.
-     */
-    'supports_credentials' => false,
-];
 
-```
+### Options
+
+| Option                   | Description                                                              | Default value |
+|--------------------------|--------------------------------------------------------------------------|---------------|
+| paths                    | You can enable CORS for 1 or multiple paths, eg. `['api/*'] `            | `array()`     |
+| allowed_origins          | Matches the request origin. Wildcards can be used, eg `*.mydomain.com`   | `array('*')`  |
+| allowed_origins_patterns | Matches the request origin with `preg_match`.                            | `array()`     |
+| allowed_methods          | Matches the request method.                                              | `array('*')`  |
+| allowed_headers          | Sets the Access-Control-Allow-Headers response header.                   | `array('*')`  |
+| exposed_headers          | Sets the Access-Control-Expose-Headers response header.                  | `false`       |
+| max_age                  | Sets the Access-Control-Max-Age response header.                         | `0`           |
+| supports_credentials     | Sets the Access-Control-Allow-Credentials header.                        | `false`       |
+
 
 `allowed_origins`, `allowed_headers` and `allowed_methods` can be set to `['*']` to accept any value.
 
