CODEWITHSUNDEEP
phpcorslaravel-6
Doe
Doe

Reputation: 13

Laravel 6 CORS policy issue with API

Here is what i tried

Middleware

 return $next($request)
        ->header('Access-Control-Allow-Origin', '*')
        ->header('Access-Control-Allow-Credentials', 'true')
        ->header('Access-Control-Allow-Headers', 'Origin, Content-Type, Authorization, X-Requested-With, Accept, X-Token-Auth, Application')
        ->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');

API route

Route::group(['middleware' => ['cors', 'auth:api']], function() {
Route::options('{any}');
Route::post('user/profile','UserController@profile');

Kernel.php

protected $routeMiddleware = [
    'cors' => \App\Http\Middleware\Cors::class,

But still, I am getting this error in API call from another origin.

Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Any reason?

Upvotes: 1

Views: 8921

Answers (3)

omar alkojji
omar alkojji

Reputation: 11

hello if you are using laravel 6 maybe all the above resolves will not work

so you should to put the code below inside the file RouteServiceProvider.php :

public function boot()
{
    header('Access-Control-Allow-Origin: *');
    header('Access-Control-Allow-Methods: *');
    header('Access-Control-Allow-Headers: *');
    parent::boot();
}

Upvotes: 1

Kabir Hossain
Kabir Hossain

Reputation: 3105

The Easiest Solution Go to bootstrap folder and open app.php file. Then just add these lines at the top of the file. app.php

  header('Access-Control-Allow-Origin: *');
  header('Access-Control-Allow-Methods: *');
  header('Access-Control-Allow-Headers: *');

Another Solution:

      php artisan make:middleware Cors

Now open Cors.php from App\Http\Middleware folder and replace handle() function with this code:

Cors.php

  public function handle($request, Closure $next)
  {
      return $next($request)
          ->header('Access-Control-Allow-Origin', '*')
          ->header('Access-Control-Allow-Methods', 'GET, POST, PUT, PATCH, DELETE,

        OPTIONS')
          ->header('Access-Control-Allow-Headers', 'Content-Type, Authorizations');
  }

Lastly, open Kernel.php from App\Http folder add the below line to the $middleware array:

  protected $middleware = [
      ...
      \App\Http\Middleware\Cors::class,
  ];

Now run the application and call API from anywhere.

The tutorial is over. Thank you. 🙂

Answer by MyNotePaper

Upvotes: 5

Parth Kharecha
Parth Kharecha

Reputation: 6503

Require the fruitcake/laravel-cors package in your composer.json and update your dependencies:

composer require fruitcake/laravel-cors

Global usage

To allow CORS for all your routes, add the HandleCors middleware in the $middleware property of app/Http/Kernel.php class:

protected $middleware = [
    // ...
    \Fruitcake\Cors\HandleCors::class,
];

Configuration

php artisan vendor:publish --tag="cors"

Now update the config to define the paths you want to run the CORS service on, (see Configuration below):

config/cors.php

'paths' => ['api/*'],

More details https://github.com/fruitcake/laravel-cors

Upvotes: 2

Related Questions