Adds CORS (Cross-Origin Resource Sharing) headers support in your Laravel application

Related tags

API hacktoberfest
Overview

CORS Middleware for Laravel

Build Status Software License Total Downloads

Implements https://github.com/asm89/stack-cors for Laravel

About

The laravel-cors package allows you to send Cross-Origin Resource Sharing headers with Laravel middleware configuration.

If you want to have a global overview of CORS workflow, you can browse this image.

Upgrading from 0.x / barryvdh-laravel-cors

When upgrading from 0.x versions, there are some breaking changes:

  • A new 'paths' property is used to enable/disable CORS on certain routes. This is empty by default, so fill it correctly!
  • Group middleware is no longer supported, use the global middleware
  • The vendor name has changed (see installation/usage)
  • The casing on the props in cors.php has changed from camelCase to snake_case, so if you already have a cors.php file you will need to update the props in there to match the new casing.

Features

  • Handles CORS pre-flight OPTIONS requests
  • Adds CORS headers to your responses
  • Match routes to only add CORS to certain Requests

Installation

Require the fruitcake/laravel-cors package in your composer.json and update your dependencies:

composer require fruitcake/laravel-cors

If you get a conflict, this could be because an older version of barryvdh/laravel-cors or fruitcake/laravel-cors is installed. Remove the conflicting package first, then try install again:

composer remove barryvdh/laravel-cors fruitcake/laravel-cors
composer require fruitcake/laravel-cors

Global usage

To allow CORS for all your routes, add the HandleCors middleware at the top of the $middleware property of app/Http/Kernel.php class:

protected $middleware = [
  \Fruitcake\Cors\HandleCors::class,
    // ...
];

Now update the config to define the paths you want to run the CORS service on, (see Configuration below):

'paths' => ['api/*'],

Configuration

The defaults are set in config/cors.php. Publish the config to copy the file to your own config:

php artisan vendor:publish --tag="cors"

Note: When using custom headers, like X-Auth-Token or X-Requested-With, you must set the allowed_headers to include those headers. You can also set it to ['*'] to allow all custom headers.

Note: If you are explicitly whitelisting headers, you must include Origin or requests will fail to be recognized as CORS.

Options

Option Description Default value
paths You can enable CORS for 1 or multiple paths, eg. ['api/*'] []
allowed_origins Matches the request origin. Wildcards can be used, eg. *.mydomain.com or mydomain.com:* ['*']
allowed_origins_patterns Matches the request origin with preg_match. []
allowed_methods Matches the request method. ['*']
allowed_headers Sets the Access-Control-Allow-Headers response header. ['*']
exposed_headers Sets the Access-Control-Expose-Headers response header. false
max_age Sets the Access-Control-Max-Age response header. 0
supports_credentials Sets the Access-Control-Allow-Credentials header. false

allowed_origins, allowed_headers and allowed_methods can be set to ['*'] to accept any value.

Note: For allowed_origins you must include the scheme when not using a wildcard, eg. ['http://example.com', 'https://example.com']. You must also take into account that the scheme will be present when using allowed_origins_patterns.

Note: Try to be a specific as possible. You can start developing with loose constraints, but it's better to be as strict as possible!

Note: Because of http method overriding in Laravel, allowing POST methods will also enable the API users to perform PUT and DELETE requests as well.

Note: Sometimes it's necessary to specify the port (when you're coding your app in a local environment for example). You can specify the port or using a wildcard here too, eg. localhost:3000, localhost:* or even using a FQDN app.mydomain.com:8080

Lumen

On Lumen, just register the ServiceProvider manually in your bootstrap/app.php file:

$app->register(Fruitcake\Cors\CorsServiceProvider::class);

Also copy the cors.php config file to config/cors.php and put it into action:

$app->configure('cors');

Global usage for Lumen

To allow CORS for all your routes, add the HandleCors middleware to the global middleware and set the paths property in the config.

$app->middleware([
    // ...
    Fruitcake\Cors\HandleCors::class,
]);

Common problems

Wrong config

Make sure the path option in the config is correct and actually matches the route you are using. Remember to clear the config cache as well.

Error handling, Middleware order

Sometimes errors/middleware that return own responses can prevent the CORS Middleware from being run. Try changing the order of the Middleware and make sure it's the first entry in the global middleware, not a route group. Also check your logs for actual errors, because without CORS, the errors will be swallowed by the browser, only showing CORS errors. Also try running it without CORS to make sure it actually works.

Authorization headers / Credentials

If your Request includes an Authorization header or uses Credentials mode, set the supports_credentials value in the config to true. This will set the Access-Control-Allow-Credentials Header to true.

Echo/die

If you echo(), dd(), die(), exit(), dump() etc in your code, you will break the Middleware flow. When output is sent before headers, CORS cannot be added. When the scripts exits before the CORS middleware finished, CORS headers will not be added. Always return a proper response or throw an Exception.

Disabling CSRF protection for your API

If possible, use a route group with CSRF protection disabled. Otherwise you can disable CSRF for certain requests in App\Http\Middleware\VerifyCsrfToken:

protected $except = [
    'api/*',
    'sub.domain.zone' => [
      'prefix/*'
    ],
];

Duplicate headers

The CORS Middleware should be the only place you add these headers. If you also add headers in .htaccess, nginx or your index.php file, you will get duplicate headers and unexpected results.

License

Released under the MIT License, see LICENSE.

Comments
  • No 'Access-Control-Allow-Origin'

    No 'Access-Control-Allow-Origin'

    I write everything as stated in the readme.md file but still get an error on my requests. No 'Access-Control-Allow-Origin' header is present on the requested resource. I am using Laravel 6

    opened by baftijarovskiA 77
  • Error (No 'Access-Control-Allow-Origin' header is present on the requested resource.)

    Error (No 'Access-Control-Allow-Origin' header is present on the requested resource.)

    Hi all and @barryvdh,

    I created an application in AngularJS and I'm trying to make calls to the Laravel API:

    • MyApp (AngularJS): http://localhost:8080/
    • API (Laravel Boilerplate): http://localhost:8000/

    I use Laravel API Boilerplate (JWT Edition) to API.

    But I get this error in the browser console:

    XMLHttpRequest cannot load http://localhost:8000/api/auth/login. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access.

    I tried to apply the cors middleware (barryvdh/laravel-cors) in api_routes.php but the error remains.

    api_routes.php:

    <?php
    
    $api = app('Dingo\Api\Routing\Router');
    
    $api->version('v1', ['middleware' => 'cors'], function ($api) {
    
        $api->post('auth/login', 'App\Api\V1\Controllers\[email protected]');
        $api->post('auth/signup', 'App\Api\V1\Controllers\[email protected]');
        $api->post('auth/recovery', 'App\Api\V1\Controllers\[email protected]');
        $api->post('auth/reset', 'App\Api\V1\Controllers\[email protected]');
    
        // example of protected route
        $api->get('protected', ['middleware' => ['api.auth'], function () {     
            return \App\User::all();
        }]);
    
        // example of free route
        $api->get('free', function() {
            return \App\User::all();
        });
    
    });
    

    My config/cors.php:

    return [
        'supportsCredentials' => false,
        'allowedOrigins' => ['*'],
        'allowedHeaders' => ['*'],
        'allowedMethods' => ['*'],
        'exposedHeaders' => [],
        'maxAge' => 0,
        'hosts' => [],
    ];
    

    Error: Error Error

    opened by vitalibr 65
  • laravel cors is not working with laravel 5.5

    laravel cors is not working with laravel 5.5

    Hi, I am creating demo app with React Js as frontend and Laravel 5.5 as backend. I have followed all the steps you mentioned for cors. I am able to get data properly with GET request but, other requests like POST is not working.

    config/cors.php
    
        'supportsCredentials' => false,
        'allowedOrigins' => ['*'],
        'allowedOriginsPatterns' => [],
        'allowedHeaders' => ['*'],
        'allowedMethods' => ['*'],
        'exposedHeaders' => [],
        'maxAge' => 0,
    
    axios call from react
    
    export const headers = {
        headers: {
            'Accept': 'application/json',
            'Content-Type': 'application/json',
            'Access-Control-Allow-Origin': '*',
        }
    };
    
    const sendCategory = category => {
        if (!category.categoryId) {
            console.log(category);
            return axios.post(CATEGORY_ENDPOINT, category, headers);
        }
    
        return axios.put(CATEGORY_ENDPOINT + `?id=${category.categoryId}`, category, headers)
    }
    

    image

    image

    image

    is there anything i am missing here? If it works for GET request then it should work for POST as well.

    opened by swapnil-chaudhari 49
  • Lumen 5.4  OPTIONS request returns 405

    Lumen 5.4 OPTIONS request returns 405

    Lumen 5.3 is OK , Lumen 5.4 is not support?

    Lumen (5.4.4) (Laravel Components 5.4.*)

    "laravel/lumen-framework": "5.4.*",
    "illuminate/redis": "^5.4",
    "illuminate/mail": "^5.4",
    "illuminate/routing": "^5.4",
    "barryvdh/laravel-cors": "^0.8.5",
    

    bootstrap/app.php

    $app->middleware([
        Barryvdh\Cors\HandleCors::class
    ]);
    $app->routeMiddleware([
       // .... others middleware
        'cros' => \Barryvdh\Cors\HandleCors::class
    ]);
    $app->register(Barryvdh\Cors\LumenServiceProvider::class);
    $app->configure('cors');  
    

    Route:

    $app->group(['prefix' => 'v1', 'namespace' => 'V1', 'middleware' => ['cros']], function ($app) {
    
    });
    

    config:

        'supportsCredentials' => false,
        'allowedOrigins' => ['*'],
        'allowedHeaders' => ['*'],
        'allowedMethods' => ['*'],
        'exposedHeaders' => [],
        'maxAge' => 0,
        'hosts' => [],
    

    HTTP:

    Request URL:http://test.api.sudaizhijia.com/v1/product/promotion
    Request Method:OPTIONS
    Status Code:405 Method Not Allowed
    
    Response Headers
    view source
    Access-Control-Allow-Headers:*
    Access-Control-Allow-Origin:http://test.m.sudaizhijia.com
    Allow:GET
    Cache-Control:no-cache, private
    Connection:keep-alive
    Content-Type:text/html; charset=UTF-8
    Date:Mon, 13 Feb 2017 05:16:15 GMT
    Server:nginx
    Transfer-Encoding:chunked
    Vary:Origin
    X-Powered-By:PHP/5.6.28
    
    Request Headers
    view source
    Accept:*/*
    Accept-Encoding:gzip, deflate, sdch
    Accept-Language:zh-CN,zh;q=0.8
    Access-Control-Request-Headers:x-token
    Access-Control-Request-Method:GET
    Cache-Control:max-age=0
    Connection:keep-alive
    Host:test.api.sudaizhijia.com
    Origin:http://test.m.sudaizhijia.com
    Referer:http://test.m.sudaizhijia.com/
    User-Agent:Mozilla/5.0 (iPhone; CPU iPhone OS 9_1 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13B143 Safari/601.1
    
    

    Stack trace:

    #0 /ynw/website/test.api.sudaizhijia.com/vendor/laravel/lumen-framework/src/Concerns/RoutesRequests.php(533): Laravel\Lumen\Application->handleDispatcherResponse(Array)
    #1 [internal function]: Laravel\Lumen\Application->Laravel\Lumen\Concerns\{closure}(Object(Illuminate\Http\Request))
    #2 /ynw/website/test.api.sudaizhijia.com/vendor/laravel/lumen-framework/src/Routing/Pipeline.php(52): call_user_func(Object(Closure), Object(Illuminate\Http\Request))
    #3 /ynw/website/test.api.sudaizhijia.com/vendor/barryvdh/laravel-cors/src/HandleCors.php(42): Laravel\Lumen\Routing\Pipeline->Laravel\Lumen\Routing\{closure}(Object(Illuminate\Http\Request))
    #4 /ynw/website/test.api.sudaizhijia.com/vendor/illuminate/pipeline/Pipeline.php(148): Barryvdh\Cors\HandleCors->handle(Object(Illuminate\Http\Request), Object(Closure))
    #5 [internal function]: Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))
    #6 /ynw/website/test.api.sudaizhijia.com/vendor/laravel/lumen-framework/src/Routing/Pipeline.php(32): call_user_func(Object(Closure), Object(Illuminate\Http\Request))
    #7 /ynw/website/test.api.sudaizhijia.com/vendor/illuminate/pipeline/Pipeline.php(102): Laravel\Lumen\Routing\Pipeline->Laravel\Lumen\Routing\{closure}(Object(Illuminate\Http\Request))
    #8 /ynw/website/test.api.sudaizhijia.com/vendor/laravel/lumen-framework/src/Concerns/RoutesRequests.php(780): Illuminate\Pipeline\Pipeline->then(Object(Closure))
    #9 /ynw/website/test.api.sudaizhijia.com/vendor/laravel/lumen-framework/src/Concerns/RoutesRequests.php(534): Laravel\Lumen\Application->sendThroughPipeline(Array, Object(Closure))
    #10 /ynw/website/test.api.sudaizhijia.com/vendor/laravel/lumen-framework/src/Concerns/RoutesRequests.php(475): Laravel\Lumen\Application->dispatch(NULL)
    #11 /ynw/website/test.api.sudaizhijia.com/public/index.php(28): Laravel\Lumen\Application->run()
    #12 {main}  
    
    
    opened by zhaoqy 44
  • No 'Access-Control-Allow-Origin' header is present on the requested resource.

    No 'Access-Control-Allow-Origin' header is present on the requested resource.

    I am getting this issue with Laravel 5.4

    This is my cors.php

    true, 'allowedOrigins' => ['*'], 'allowedHeaders' => ['*'], 'allowedMethods' => ['GET', 'POST', 'PUT', 'DELETE'], 'exposedHeaders' => [], 'maxAge' => 0, 'hosts' => [], ];
    opened by xyrintech 37
  • Exception handler

    Exception handler

    Hello, How can I use this middleware with Laravel 5 app/Exceptions/Handler.php? Because when exception happen, this middleware does not set the headers. Thanks!

    opened by arcadas 37
  • No 'Access-Control-Allow-Origin' header is present on the requested resource.

    No 'Access-Control-Allow-Origin' header is present on the requested resource.

    im using this boilerplate Apiato

    postman request working and browser request working but axios request not working.

    axios setup.

    import axios from 'axios';
    
    const api = axios.create({
        baseURL: 'http://api.apiato.test/v1',
        headers: {
            'Access-Control-Allow-Origin': '*',
            'Content-type': 'application/json',
        },
    });
    
    api.defaults.headers.common['X-Requested-With'] = 'XMLHttpRequest';
    
    let token = document.head.querySelector('meta[name="csrf-token"]') as HTMLMetaElement;
    
    if (token) {
        api.defaults.headers.common['X-CSRF-TOKEN'] = token.content;
    } else {
        console.error('CSRF token not found: https://laravel.com/docs/csrf#csrf-x-csrf-token');
    }
    
    export default api;
    
    

    error.

    Access to XMLHttpRequest at 'http://api.apiato.test/v1/users' from origin 'http://apiato.test' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
    
    app.js:1691 Uncaught (in promise) Error: Network Error
        at createError (app.js:1691)
        at XMLHttpRequest.handleError
    
    opened by raakkan 34
  • Laravel 5.2

    Laravel 5.2

    when running composer require barryvdh/laravel-cors 0.7.x I get this error?

    ./composer.json has been updated
    > php artisan clear-compiled
    Loading composer repositories with package information
    Updating dependencies (including require-dev)
    Your requirements could not be resolved to an installable set of packages.
    
      Problem 1
        - Conclusion: don't install barryvdh/laravel-cors v0.7.3
        - Installation request for symfony/http-foundation == 3.0.0.0 -> satisfiable by symfony/http-foundation[v3.0.0].
        - Conclusion: remove laravel/framework v5.2.0
        - Conclusion: don't install laravel/framework v5.2.0
        - barryvdh/laravel-cors v0.7.0 requires illuminate/support ~5.0.14|5.1.x -> satisfiable by illuminate/support[v5.0.22, v5.0.25, v5.0.26, v5.0.28, v5.0.33, v5.1.1, v5.1.13, v5.1.16, v5.1.2, v5.1.20, v5.1.22, v5.1.25, v5.1.6, v5.1.8
    ].
        - barryvdh/laravel-cors v0.7.1 requires illuminate/support ~5.0.14|5.1.x -> satisfiable by illuminate/support[v5.0.22, v5.0.25, v5.0.26, v5.0.28, v5.0.33, v5.1.1, v5.1.13, v5.1.16, v5.1.2, v5.1.20, v5.1.22, v5.1.25, v5.1.6, v5.1.8
    ].
        - barryvdh/laravel-cors v0.7.2 requires illuminate/support ~5.0.14|5.1.x -> satisfiable by illuminate/support[v5.0.22, v5.0.25, v5.0.26, v5.0.28, v5.0.33, v5.1.1, v5.1.13, v5.1.16, v5.1.2, v5.1.20, v5.1.22, v5.1.25, v5.1.6, v5.1.8
    ].
        - don't install illuminate/support v5.0.22|don't install laravel/framework v5.2.0
        - don't install illuminate/support v5.0.25|don't install laravel/framework v5.2.0
        - don't install illuminate/support v5.0.26|don't install laravel/framework v5.2.0
        - don't install illuminate/support v5.0.28|don't install laravel/framework v5.2.0
        - don't install illuminate/support v5.0.33|don't install laravel/framework v5.2.0
        - don't install illuminate/support v5.1.1|don't install laravel/framework v5.2.0
        - don't install illuminate/support v5.1.13|don't install laravel/framework v5.2.0
        - don't install illuminate/support v5.1.16|don't install laravel/framework v5.2.0
        - don't install illuminate/support v5.1.2|don't install laravel/framework v5.2.0
        - don't install illuminate/support v5.1.20|don't install laravel/framework v5.2.0
        - don't install illuminate/support v5.1.22|don't install laravel/framework v5.2.0
        - don't install illuminate/support v5.1.25|don't install laravel/framework v5.2.0
        - don't install illuminate/support v5.1.6|don't install laravel/framework v5.2.0
        - don't install illuminate/support v5.1.8|don't install laravel/framework v5.2.0
        - Installation request for laravel/framework 5.2.* -> satisfiable by laravel/framework[v5.2.0].
        - Installation request for barryvdh/laravel-cors 0.7.* -> satisfiable by barryvdh/laravel-cors[v0.7.0, v0.7.1, v0.7.2, v0.7.3].
    
    
    Installation failed, reverting ./composer.json to its original content.
    

    I realize laravel 5.2 is fairly new and you may be working on this currently..

    opened by moshie 28
  • The 'Access-Control-Allow-Origin' header contains multiple values

    The 'Access-Control-Allow-Origin' header contains multiple values

    I'm using AngularJS App on the client side to access Laravel API hosted on IIS 8.5.It works fine when client is hosted on same domain.But when hosted on different domain it gives following error.

    XMLHttpRequest cannot load http://example.com/api. The 'Access-Control-Allow-Origin' header contains multiple values 'http://localhost, *', but only one is allowed. Origin 'http://localhost' is therefore not
    

    Web.config:

    <configuration>
        <system.webServer>
            <rewrite>
                <rules>
                    <rule name="Imported Rule 1" stopProcessing="true">
                        <match url="^(.*)/$" ignoreCase="false" />
                        <conditions logicalGrouping="MatchAll">
                            <add input="{REQUEST_FILENAME}" matchType="IsDirectory" ignoreCase="false" negate="true" />
                        </conditions>
                        <action type="Redirect" url="/{R:1}" redirectType="Permanent" />
                    </rule>
                    <rule name="Imported Rule 2" stopProcessing="true">
                        <match url="^" ignoreCase="false" />
                        <conditions logicalGrouping="MatchAll">
                            <add input="{REQUEST_FILENAME}" matchType="IsDirectory" ignoreCase="false" negate="true" />
                            <add input="{REQUEST_FILENAME}" matchType="IsFile" ignoreCase="false" negate="true" />
                        </conditions>
                        <action type="Rewrite" url="index.php" />
                    </rule>
                </rules>
            </rewrite>
            <httpProtocol>
                <customHeaders>
                    <add name="Access-Control-Allow-Origin" value="*" />
                    <add name="Access-Control-Allow-Headers" value="Origin, Content-Type, Authorization, Accept, X-Request-With" />
                    <add name="Access-Control-Allow-Methods" value="GET, POST, PUT,  DELETE, OPTIONS" />
                    <add name="Access-Control-Allow-Credentials" value="true" />
                </customHeaders>
            </httpProtocol>
        </system.webServer>
    </configuration> 
    

    Actual Response header:

    Request Method:POST
    Status Code:200 OK
    Access-Control-Allow-Credentials:true
    Access-Control-Allow-Headers:Origin, Content-Type, Authorization, Accept, X-Request-With
    Access-Control-Allow-Methods:GET, POST, PUT,  DELETE, OPTIONS
    Access-Control-Allow-Origin:http://localhost
    Access-Control-Allow-Origin:*
    

    Why 'Access-Control-Allow-Origin' echoed twice. What is the right way to host API on IIS? Do I have to include headers in web.config file.

    opened by emoh 27
  • Laravel Cors not working when I'm using it with VueJS from http://localhost:8080

    Laravel Cors not working when I'm using it with VueJS from http://localhost:8080

    Packages:

    Laravel (Version 5.7) Dingo Api (latest version) Laravel TymonJWT (latest version) Laravel Cors (latest version)

    Settings:

    cors.pho

    'supportsCredentials' => false,
        'allowedOrigins' => ['*'],
        'allowedOriginsPatterns' => [],
        'allowedHeaders' => ['*'],
        'allowedMethods' => ['*'],
        'exposedHeaders' => [],
        'maxAge' => 0,
    

    Kernel.php

    protected $middleware = [
            \Barryvdh\Cors\HandleCors::class,
            \App\Http\Middleware\CheckForMaintenanceMode::class,
            \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
            \App\Http\Middleware\TrimStrings::class,
            \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
            \App\Http\Middleware\TrustProxies::class
        ];
    
    'api' => [
                \Barryvdh\Cors\HandleCors::class,
                'throttle:60,1',
                'bindings',
            ],
    

    routes.php

    $api = app('Dingo\Api\Routing\Router');
    
    $api->version('v1', function ($api) {
        $api->post('login', SmartlyJobs\Api\V1\Controllers\AuthController::class . '@login');
    
        $api->group(['middleware' => ['api']], function ($api) {
            $api->post('logout', SmartlyJobs\Api\V1\Controllers\AuthController::class . '@logout');
            $api->post('refresh', SmartlyJobs\Api\V1\Controllers\AuthController::class . '@refresh');
            $api->get('me', SmartlyJobs\Api\V1\Controllers\AuthController::class . '@me');
        });
    });
    

    Important: It's working actually on server, it's not working locally.

    I tried:

    1. To create routeMiddleware 'cors' and put it into 'api' (Didn't work).
    2. To add ['localhost:8080'] into the 'allowedOrigins' => ['*'] (Didn't work).
    3. To create custom middleware and add custom cors settings (Didn't work).
    4. Almost everything what I found that helped to someone.

    I didn't try:

    open -a Google\ Chrome --args --disable-web-security --user-data-dir

    Please help me, if someone have a solution.

    Thank you all, appreciate.

    opened by MrEldin 24
  • Config file issues

    Config file issues

    I've updated to laravel 4.1 and since then I'm getting the Origin is not allowed. I haven't change anything in my config file and when checking code is seems that the config file is not loaded from laravel-cors package.

    opened by icep87 22
  • How to block Cors on a same subdomain

    How to block Cors on a same subdomain

    Hello,

    we have multiple website on the same subdomain :

    • sub.domaine.com/website1
    • sub.domaine.com/website2

    How to block cors if sub.domaine.com/website2 try to connect to sub.domaine.com/website1/api/login?

    Fabien

    opened by fabien44300 0
  • Composer error upon installing in Laravel 7

    Composer error upon installing in Laravel 7

    I'm getting this error after running composer require fruitcake/laravel-cors in Laravel 7 (7.30.6 to be exact)

    Problem 1
        - Root composer.json requires fruitcake/laravel-cors ^3.0 -> satisfiable by fruitcake/laravel-cors[v3.0.0, 3.0.x-dev].
        - fruitcake/laravel-cors[v3.0.0, ..., 3.0.x-dev] require fruitcake/php-cors ^1.2 -> could not be found in any version, there may be a typo in the package name.
    

    I did tried the uninstall-reinstall pattern but didn't work.

    opened by MorganGonzales 0
  • Laravel cors are not returned

    Laravel cors are not returned

    // Handle the request $response = $next($request); ///Laravel pass to next Middleware without setting cors

        if ($request->getMethod() === 'OPTIONS') {
            $this->cors->varyHeader($response, 'Access-Control-Request-Method');
        }
    
        return $this->addHeaders($request, $response); // Cors are added here
    

    Since two days i've a bug with cors bc 'im in virtual machine for back office dev machine and database but on the host for front office dev from vue.js

    And tu update auth user profile the browser always throw a Cors error bc missing AllowAccessControlOrigin, and true they are never set by middleware cors package.

    Laravel: 8.40 FruitCake: 2.0 PHP: 7.3.27 Chrome DevsTools

    opened by Larnic 3
  • how to return or expose these Access-Control-Allow-Methods and Access-Control-Allow-Headers ?

    how to return or expose these Access-Control-Allow-Methods and Access-Control-Allow-Headers ?

    Before you start

    [X ] Update to the latest version by running composer update fruitcake/laravel-cors [ X] Make sure that Apache/nginx/Valet are NOT also adding CORS headers

    I want to know how I can return these headers in the response?

    1. Access-Control-Allow-Headers
    2. Access-Control-Allow-Methods

    only Access-Control-Expose-Headers and Access-Control-Allow-Origin these are returning right now I am using lumen 8 and the latest version of cors v2.0.4

    opened by 360synertech-dev1 0
Releases(v3.0.0)
Owner
Fruitcake
Fruitcake
Joy VoyagerApi module adds REST Api end points to Voyager with Passport and Swagger support.

Joy VoyagerApi This Laravel/Voyager module adds REST Api with Passport and Swagger support to Voyager. By ?? Ramakant Gangwar. Prerequisites Composer

Ramakant Gangwar 12 Aug 17, 2022
Online Book Store is a E-commerce Website and Book Conversion(pdf to audio and Img to txt) and Book Sharing platform.

Online-Book-Store Online Book Store is a E-commerce Website and Book Conversion(pdf to audio and Img to txt) and Book Sharing platform. The main descr

Gokul krishnan 1 May 22, 2022
A Symfony bundle that provides #StandWithUkraine banner and has some built-in features to block access to your resource for Russian-speaking users.

StandWithUkraineBundle На русском? Смотри README.ru.md This bundle provides a built-in StandWithUkraine banner for your Symfony application and has so

Victor Bocharsky 7 Jul 19, 2022
Quickly and easily expose Doctrine entities as REST resource endpoints with the use of simple configuration with annotations, yaml, json or a PHP array.

Drest Dress up doctrine entities and expose them as REST resources This library allows you to quickly annotate your doctrine entities into restful res

Lee Davis 86 Aug 21, 2022
Qiniu Resource (Cloud) Storage SDK for PHP

Qiniu Cloud SDK for PHP 安装 推荐使用 composer 进行安装。可以使用 composer.json 声明依赖,或者运行下面的命令。SDK 包已经放到这里 qiniu/php-sdk 。 $ composer require qiniu/php-sdk 直接下载安装,SD

Qiniu Cloud 802 Sep 27, 2022
Single file PHP script that adds a REST API to a SQL database

PHP-CRUD-API Single file PHP script that adds a REST API to a MySQL/MariaDB, PostgreSQL, SQL Server or SQLite database. NB: This is the TreeQL referen

Maurits van der Schee 3.1k Sep 23, 2022
The news bundle adds news functionality to Contao 4

Contao 4 news bundle The news bundle adds news functionality to Contao 4. Contao is an Open Source PHP Content Management System for people who want a

Contao 8 Jan 10, 2022
Tinify API support with laravel

ysTinify-laravel Tinify API support with laravel Install $ composer require yasmuru/ys-tinify-laravel Add this to your config/app.php, under "provider

Murugan D 42 Sep 7, 2022
A PHP library to support implementing representations for HATEOAS REST web services.

Hateoas A PHP library to support implementing representations for HATEOAS REST web services. Installation Working With Symfony Usage Introduction Conf

William Durand 995 Sep 23, 2022
EXPERIMENTAL plugin extending WPGraphQL to support querying (Gutenberg) Blocks as data, using Server Side Block registries to map Blocks to the GraphQL Schema.

WPGraphQL Block Editor This is an experimental plugin to work toward compatiblity between the WordPress Gutenberg Block Editor and WPGraphQL, based on

WPGraphQL 27 Aug 18, 2022
A robust JSON decoder/encoder with support for schema validation.

A robust wrapper for json_encode()/json_decode() that normalizes their behavior across PHP versions, throws meaningful exceptions and supports schema validation by default.

Bernhard Schussek 357 Jul 23, 2022
It helps to provide API support to projects. It is Simple, Safe and Fast.

apiservice It helps to provide API support to projects. It is Simple, Safe and Fast. Setup composer create-project mind/apiservice or After downloadin

Ali Yılmaz 4 Apr 17, 2022
Use middleware to decorate method calls within your application code.

Laravel Middlewarize ?? Chain of Responsibility Design Pattern In Laravel Apps ?? You can use middlewares to decorate any method calls on any object.

Iman 97 Sep 22, 2022
Easily integrate custom-made NPS (Net Promoter Score) into your application

Laravel NPS Easily integrate custom-made NPS (Net Promoter Score) to your application. Installation You can install the package via composer: composer

H-FARM Innovation 47 Aug 16, 2022
The 1Password Connect PHP SDK provides your PHP applications access to the 1Password Connect API hosted on your infrastructure and leverage the power of 1Password Secrets Automation

1Password Connect PHP SDK The 1Password Connect PHP SDK provides your PHP applications access to the 1Password Connect API hosted on your infrastructu

Michelangelo van Dam 8 Jun 22, 2022
A Virtualmin API designed to run standalone or as part of a Laravel Application

Virtualmin API A Virtualmin API designed to run standalone or as part of a Laravel Application Requirements: PHP 8.0 A running Virtualmin server Featu

Fintech Systems 6 Jan 26, 2022
application/hal builder / formatter for PHP 5.4+

Nocarrier\Hal This is a library for creating documents in the application/hal+json and application/hal+xml hypermedia formats It requires PHP 5.4 or l

Ben Longden 203 Jul 21, 2022
Zoho CRM API SDK is a wrapper to Zoho CRM APIs. By using this sdk, user can build the application with ease

Archival Notice: This SDK is archived. You can continue to use it, but no new features or support requests will be accepted. For the new version, refe

null 80 Aug 29, 2022
This API provides functionality for creating and maintaining users to control a simple To-Do-List application. The following shows the API structure for users and tasks resources.

PHP API TO-DO-LIST v.2.0 This API aims to present a brief to consume a API resources, mainly for students in the early years of Computer Science cours

Edson M. de Souza 4 Apr 13, 2022