Reputation: 2868
Enable CORS in lumen
I have API developed using lumen. I can get request using postman. But when request using Jquery.ajax it is not working. So I need to know how to enable CORS in lumen API.
Upvotes: 19
Views: 40628
Answers (4)
Reputation: 2165
For Enable CORS policy inside Lumen you need to add a package via composer
Run the command for install cors package : composer require nordsoftware/lumen-cors
After that you need to configure service in bootstrap/app.php : $app->register('Nord\Lumen\Cors\CorsServiceProvider');
And Last one for middleware registration for application use :
$app->middleware([
'Nord\Lumen\Cors\CorsMiddleware', // top of all middleware
....... // rest of middlewares
]);
Upvotes: -1
Reputation: 79
@The Oracle answer works properly to many, the problem is what surfaces as CORS problem might be something else. Please be informed that PHP errors in your code could emerge as CORS problem but it's actually not. Make use of different tools to troubleshoot if it's CORS or not.
For example to prove if it's CORS use postman, ex. GET method should work properly because postman is exempted from CORS as it's not a browser. Refer https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS for reference
You may sometimes drop your API url in the browser to check for such errors, if it's a backend error or specifically PHP error it normally displays/outputs on the browser with details like what caused the error and on which line etc. Enable Debugging in PHP if you think it's not enabled.
Upvotes: -1
Reputation: 2503
Consider creating a CorsMiddleware.php file with the following code. Find detail here.
<?php namespace App\Http\Middleware;
use Closure;
class CorsMiddleware
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$headers = [
'Access-Control-Allow-Origin' => '*',
'Access-Control-Allow-Methods' => 'POST, GET, OPTIONS, PUT, DELETE',
'Access-Control-Allow-Credentials' => 'true',
'Access-Control-Max-Age' => '86400',
'Access-Control-Allow-Headers' => 'Content-Type, Authorization, X-Requested-With'
];
if ($request->isMethod('OPTIONS'))
{
return response()->json('{"method":"OPTIONS"}', 200, $headers);
}
$response = $next($request);
foreach($headers as $key => $value)
{
$response->header($key, $value);
}
return $response;
}
}
After saving it in your middleware folder, enable it by adding it to your bootstap/app.php file, on the list of you middleware like this
$app->middleware([
...
App\Http\Middleware\CorsMiddleware::class // Add this
]);
I hope it helps.
Upvotes: 62
Reputation: 1181
I'd recommend using the CORS package by Barry vd. Heuvel: https://github.com/barryvdh/laravel-cors#lumen
It has configurable and supports Pre-flight request handling for ajax.
Upvotes: 7
Related Questions
- How does the 'Access-Control-Allow-Origin' header work?
- How to enable CORS in ASP.net Core WebAPI
- Trying to use fetch and pass in mode: no-cors
- Why doesn't adding CORS headers to an OPTIONS route allow browsers to access my API?
- Why does my JavaScript code receive a "No 'Access-Control-Allow-Origin' header is present on the requested resource" error, while Postman does not?
- How can I enable CORS on Django REST Framework
- No 'Access-Control-Allow-Origin' header is present on the requested resource—when trying to get data from a REST API
- What is the motivation behind the introduction of preflight CORS requests?
- How to enable CORS in ASP.NET Core
- How can you debug a CORS request with cURL?