Laravel 6 CORS policy issue with API

Asked 5/12, 2019 at 11:49 Answered 24/12, 2023 at 20:53

Here is what i tried

Middleware

 return $next($request)
        ->header('Access-Control-Allow-Origin', '*')
        ->header('Access-Control-Allow-Credentials', 'true')
        ->header('Access-Control-Allow-Headers', 'Origin, Content-Type, Authorization, X-Requested-With, Accept, X-Token-Auth, Application')
        ->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');

API route

Route::group(['middleware' => ['cors', 'auth:api']], function() {
Route::options('{any}');
Route::post('user/profile','UserController@profile');

Kernel.php

protected $routeMiddleware = [
    'cors' => \App\Http\Middleware\Cors::class,

But still, I am getting this error in API call from another origin.

Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Any reason?

Vacillate answered 5/12, 2019 at 11:49 Comment(2)

did you find the solution? i can't find the solution. all solutions not working. fed up. I dont want to modify the file bootstrap/app.php – Dulcimer 9/9, 2021 at 10:34

same here, any solution with this one? I'm also using Laravel 6 – Ofelia 2/10, 2023 at 14:6

The Easiest Solution Go to bootstrap folder and open app.php file. Then just add these lines at the top of the file. app.php

  header('Access-Control-Allow-Origin: *');
  header('Access-Control-Allow-Methods: *');
  header('Access-Control-Allow-Headers: *');

Another Solution:

      php artisan make:middleware Cors

Now open Cors.php from App\Http\Middleware folder and replace handle() function with this code:

Cors.php

  public function handle($request, Closure $next)
  {
      return $next($request)
          ->header('Access-Control-Allow-Origin', '*')
          ->header('Access-Control-Allow-Methods', 'GET, POST, PUT, PATCH, DELETE,

        OPTIONS')
          ->header('Access-Control-Allow-Headers', 'Content-Type, Authorizations');
  }

Lastly, open Kernel.php from App\Http folder add the below line to the $middleware array:

  protected $middleware = [
      ...
      \App\Http\Middleware\Cors::class,
  ];

Now run the application and call API from anywhere.

The tutorial is over. Thank you. 🙂

Answer by MyNotePaper

Coprophilous answered 20/3, 2020 at 8:20 Comment(1)

I think this is Laravel 6 version bug, and this trick work for me – Weightless 19/11, 2022 at 6:51

Require the fruitcake/laravel-cors package in your composer.json and update your dependencies:

composer require fruitcake/laravel-cors

Global usage

To allow CORS for all your routes, add the HandleCors middleware in the $middleware property of app/Http/Kernel.php class:

protected $middleware = [
    // ...
    \Fruitcake\Cors\HandleCors::class,
];

Configuration

php artisan vendor:publish --tag="cors"

Now update the config to define the paths you want to run the CORS service on, (see Configuration below):

config/cors.php

'paths' => ['api/*'],

More details https://github.com/fruitcake/laravel-cors

Eadwina answered 17/1, 2020 at 12:47 Comment(1)

HandleCors middleware should be at the top of $middleware: https://mcmap.net/q/1185434/-laravel-cors-with-fruitcake – Tumid 16/9, 2020 at 5:50

hello if you are using laravel 6 maybe all the above resolves will not work

so you should to put the code below inside the file RouteServiceProvider.php :

public function boot()
{
    header('Access-Control-Allow-Origin: *');
    header('Access-Control-Allow-Methods: *');
    header('Access-Control-Allow-Headers: *');
    parent::boot();
}

Outfoot answered 24/12, 2023 at 20:53 Comment(0)

Recommended topics

Hot tags