ganey
commented
6 years ago I'm having the same issue and am not seeing the 'Access-Control-Allow-Origin' header in any responses.
Closed aidanbigg closed 6 years ago
ganey
commented
6 years ago I'm having the same issue and am not seeing the 'Access-Control-Allow-Origin' header in any responses.
zhdanovartur
commented
6 years ago You need to add \Barryvdh\Cors\HandleCors::class to $middleware in Kernel.php.
aidanbigg
commented
6 years ago @zhdanovartur This resolves the issue, thanks.
notflip
commented
6 years ago Shouldn't it be enough to add HandleCors::class to the 'api' middleware group in kernel.php? It doesn't seem to be working, but the routes are all in the 'api' middleware group in api.php
I've added CORS in the relevant places:
Kernal.php
`protected $routeMiddleware = [ 'auth' => \Illuminate\Auth\Middleware\Authenticate::class, 'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class, 'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class, 'can' => \Illuminate\Auth\Middleware\Authorize::class, 'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class, 'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class, 'cors' => \Barryvdh\Cors\HandleCors::class, // HERE
And routes/api.php
$api->version('v1', ['middleware' => 'cors'], function (Router $api) {And I've configured cors to only allow from http://google.com (as a test, to make sure it works)
config/cors.php
'supportsCredentials' => false, 'allowedOrigins' => ['http://google.com'], 'allowedHeaders' => ['*'], 'allowedMethods' => ['*'], 'exposedHeaders' => [], 'maxAge' => 0, 'hosts' => [],However it's not throwing an error when making requests, like i'd expect it too.
Am I missing something here?