Problem 1
    - Installation request for laravel/lumen dev-develop -> satisfiable by laravel/lumen[dev-develop].
    - palanik/lumen-cors dev-master requires laravel/lumen >=5.0.0 -> satisfiable by laravel/lumen[v5.0.0, v5.0.1].
    - Can only install one of: laravel/lumen[v5.0.0, dev-develop].
    - Can only install one of: laravel/lumen[v5.0.1, dev-develop].
    - Installation request for palanik/lumen-cors dev-master -> satisfiable by palanik/lumen-cors[dev-master].

Are you going to be supporting v5.0.1?

Not working for return response()->download(); I have cors as global middleware.

Error: Call to undefined method Symfony\Component\HttpFoundation\BinaryFileResponse::header()

I have defined a route like this:

$app->group(['middleware' => 'cors', 'namespace' => 'App\Http\Controllers'], function($app)  {
    $app->get('/territory/check_in', 'Territories@check_in');
});

Currently the page that calls the api is at: http://192.168.99.100:9900 And the end point api is: http://192.168.99.100:9907/territory/check_in

However, when I call it from javascript on another host, I got this error:

XMLHttpRequest cannot load http://192.168.99.100:9907/territory/check_in. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://192.168.99.100:9900' is therefore not allowed access. The response had HTTP status code 405.

Although its currently wide open for any origin.

I call it like this:

$('#check_in').click(function(){
                $.ajax({
                    url: 'http://192.168.99.100:9907/territory/check_in',
                    type: "get",
                    data: {},
                    success: function(data){
                        alert(data);
                    }
                });
            });

Can you please advice?

In setExposeHeaders the associative array settings is accessed with arrow operator: $this->settings->exposeHeaders (lines 26 - 27). Should not be $this->settings['exposeHeaders']?

Hello,

Whenever i try to access to a "authorization required" area, i get an 405 error which is fine, but the CORS is not sent. That behavior happens on nginx too and is solved by adding a 3rd parameter to the "Access-Control-Allow-Origin", something like this:

"Access-Control-Allow-Origin * always"

Because by default, nginx only returns CORS header to 2xx and 3xx status code. Maybe there's something similar to fix this, i dont know.

So far i dont know how to bypass this, so any help would be really appreciated. Thank you :)

Occasionally, some controllers or middlewares will return a Symfony Response, rather than an Illuminate Response. When this happens, this Middleware fails due to calls to $rsp->header($headerName, $headerValue). This can be easily fixed by replacing these with $rsp->headers->set($headerName, $headerValue).

Additionally, for full coverage, you could also replace calls to $req->header($headerName) with $reg->headers->get($headerName) to cover the rare occasion when a Symfony Request is used as well (I haven't actually run into that issue, personally).

I recently did a composer update and the old $rsp->header() calls were failing with this error:

Call to undefined method Symfony\Component\HttpFoundation\Response::header()
in LumenCors.php (line 21)
at LumenCors->setOrigin(object(Request), object(Response))in LumenCors.php (line 86)
at LumenCors->setCorsHeaders(object(Request), object(Response))in LumenCors.php (line 108)
at LumenCors->handle(object(Request), object(Closure))in Pipeline.php (line 148)
at Pipeline->Illuminate\Pipeline\{closure}(object(Request))
at call_user_func(object(Closure), object(Request))in Pipeline.php (line 32)
at Pipeline->Laravel\Lumen\Routing\{closure}(object(Request))in Pipeline.php (line 102)
at Pipeline->then(object(Closure))in RoutesRequests.php (line 778)
at Application->sendThroughPipeline(array('palanik\\lumen\\Middleware\\LumenCors'),object(Closure))in RoutesRequests.php (line 534)
at Application->dispatch(null)in RoutesRequests.php (line 475)
at Application->run()in index.php (line 62)

This PR changes it to use $rsp->headers->set() which now works.

I don't know exactly when the breaking change was introduced.

I'm trying to use your custom middleware to allow OPTIONS requests in Lumen, but I only managed to use it globally. When I try to use it in specific routes it still doesn't allow OPTIONS. (MethodNotAllowedHttpException) Am I missing something?

Hi, I get the following error when I use:

$headers = array('Content-Type' => 'application/zip');
return response()->download("file", "test", $headers);

FatalThrowableError in LumenCors.php line 21:
Call to undefined method Symfony\Component\HttpFoundation\BinaryFileResponse::header()
in LumenCors.php line 21
at LumenCors->setOrigin(object(Request), object(BinaryFileResponse)) in LumenCors.php line 86
at LumenCors->setCorsHeaders(object(Request), object(BinaryFileResponse)) in LumenCors.php line 108
at LumenCors->handle(object(Request), object(Closure))
at call_user_func_array(array(object(LumenCors), 'handle'), array(object(Request), object(Closure))) in Pipeline.php line 136
at Pipeline->Illuminate\Pipeline\{closure}(object(Request))
at call_user_func(object(Closure), object(Request)) in Pipeline.php line 32
at Pipeline->Laravel\Lumen\Routing\{closure}(object(Request))
at call_user_func(object(Closure), object(Request)) in Pipeline.php line 102
at Pipeline->then(object(Closure)) in RoutesRequests.php line 633
at Application->sendThroughPipeline(array('palanik\lumen\Middleware\LumenCors'), object(Closure)) in RoutesRequests.php line 389
at Application->dispatch(null) in RoutesRequests.php line 334
at Application->run() in index.php line 28
at require('/Users/Kevin/Projecten/api/bapi/public/index.php') in server.php line 106

Thx in advance