发表新帖
发表新帖

Laravel Cors (Middleware NOT working)

后端 未结
关注
8 1501
孤独总比滥情好
孤独总比滥情好 2020-12-31 12:37

I recently tries enabling CORS in Laravel 5.4 but unfortunately it doesn\'t want to work. I have included the code and the error that it\'s giving me below. Can anyone help

相关标签:
8条回答
  • 一向
    2020-12-31 12:55

    I had a problem handling files using the withHeaders() method, so thanks to the tips below i came up with this working code:

    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        if ($request->isMethod('OPTIONS'))
        {
            return response()->json('{"method":"OPTIONS"}', 200, $headers);
        }

        $response = $next($request);
        $response->headers->set('Access-Control-Expose-Headers', 'Content-Disposition');
        $response->headers->set('Access-Control-Allow-Origin', 'http://localhost:8080','http://localhost','https://edu.pilateswien.org');
        $response->headers->set('Access-Control-Allow-Methods', 'GET, POST, PUT, PATCH, DELETE, OPTIONS');

        //return $response->withHeaders($headers);
        return $response;
    }
    0 讨论(0)
  • 别跟我提以往
    2020-12-31 12:57

    In the CORS, browser first send the OPTIONS request to the specified route.

    In CORS, a preflight request with the OPTIONS method is sent, so that the server can respond whether it is acceptable to send the request with these parameters: https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods/OPTIONS

    So Change your middleware like this:

    public function handle($request, Closure $next)
    {
        if ($request->isMethod('OPTIONS')){
            $response = Response::make();
        } else {
            $response = $next($request);
        }
        return $response
            ->header('Access-Control-Allow-Origin', '*')
            ->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS')
            ->header('Access-Control-Allow-Headers', 'Content-Type, Accept, Authorization, X-Requested-With, Application');
    }

    If you want to allow other headers to your routes, please add them in the 'Access-Control-Allow-Headers' header field.

    0 讨论(0)
  • 小鲜肉
    2020-12-31 13:13

    You can do it easily by adding headers in bootstrap/app.php

    header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: *');
header('Access-Control-Allow-Headers: *');
    0 讨论(0)
  • 隐瞒了意图╮
    2020-12-31 13:13

    If none of this working, add cors on apache virtual host configuration (If you use virtual host).

    Go to /etc/apache2/sites-available and add something like this gist

    then sudo a2ensite example.conf and sudo service apache2 reload ;)

    0 讨论(0)
  • 误落风尘
    2020-12-31 13:14

    I ran into a sudden CORS issue recently that was not caused by CORS header configuration, I discovered the following:

    There are Red Herring scenarios that can also cause a CORS Cross Origin error to display and yet not have anything to do with CORS configuration, It is a result of when CORS is handled by middleware and something else prevents it from being triggered.

    The following can indirectly cause the error to display in a browser response:

    • A PHP error in a Middleware class.
    • return $next($request); not being fired in middleware class method handle.
    • Route::middleware in web or api router configs reference a middleware that no longer exists or is miss spelt.
    • Same as above point but middleware specified in a Controller with $this->middleware();

    Any of these can prevent a Cors middleware from ever being fired because the app exits too early and never sets the headers and thus results in a CORS error instead of a 500 Server Header error as a result of bad middleware files or bad references to middleware.

    If you are certain you have configured CORS correctly then you should check your PHP error logs for Middleware errors.

    0 讨论(0)
  • 春和景丽
    2020-12-31 13:16

    I am using Laravel 6 and up. This url helped me in solving my CORS issue: https://medium.com/@petehouston/allow-cors-in-laravel-2b574c51d0c1

    Use this code instead of code in the url:

    <?php

namespace App\Http\Middleware;

use Closure;

class Cors
{
    public function handle($request, Closure $next)
    {

          return $next($request)
              ->header('Access-Control-Allow-Origin', '*')
              ->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS')
              ->header('Access-Control-Allow-Headers', 'X-Requested-With, Content-Type,X-Token-Auth, Authorization');
    }
}

    Also, if you want to use middleware through the entire application then you need to make changes in Kernel.php:

    protected $middleware = [
\App\Http\Middleware\Cors::class, //add this line to $middleware variable
]
    0 讨论(0)
 看不清?
提交回复
热议问题