Laravel 5.7 API with CORS issue

Question

I've already looked at Laravel 5.2 CORS, GET not working with preflight OPTIONS which was helpful to diagnose the issue, but I'm still having issues.

The exact error:

Request header field access-control-allow-origin is not allowed by Access-Control-Allow-Headers in preflight response.

It's no longer failing as a result of the access control response, but it's still failing. How would I go about updating this?

Answer 1

I have experienced this several times where it gives a CORS error yet if I check, the Access-Control-Allow-Headers it is actually present in the preflight response. I noted that Laravel can sometimes return that CORS because of an issue with the controller/model that is involved with that request. I have experienced this 3 times and these were the 3 reasons:

• Using a trait in a model when I had not imported the actually trait into the model
• Had a typo in the model class definition e.g. class Document implements Filee instead of File
• I checked the laravel.log and it had an error that I was not implementing some abstract methods in the a certain model class (this was today, toiled for many hours!!!)

I write this, with examples, in the hope that it can actually help somebody. The issue is difficult to troubleshot given that it just gives a CORS error without much info about what the issue is at the back.

Good luck.

Answer 2

Usually this will happen if the route is defined improperly... Check to make sure the route and its verb are properly defined.