The CorsServiceProvider has a couple weaknesses.
1. It generates OPTIONS routes even if OPTIONS routes already exist. I think this feature needs to check if the route already exists before creating one.
It would probably be better if OPTIONS route generation did not happen automatically. The developer should have control over if and when this functionality is executed.
The cors service allows you to apply the middleware at whatever level you choose. The idea is that one controller might have different requirements than another controller, and a third controller might not support CORS at all. The current solution covers the case where one controller uses CORS but another doesn't. The case where one controller has different CORS settings than another is difficult to express with the current architecture.
The
CorsServiceProvider
has a couple weaknesses.1. It generatesOPTIONS
routes even ifOPTIONS
routes already exist. I think this feature needs to check if the route already exists before creating one.OPTIONS
route generation did not happen automatically. The developer should have control over if and when this functionality is executed.cors
service allows you to apply the middleware at whatever level you choose. The idea is that one controller might have different requirements than another controller, and a third controller might not supportCORS
at all. The current solution covers the case where one controller usesCORS
but another doesn't. The case where one controller has differentCORS
settings than another is difficult to express with the current architecture.