English 中文(简体)
如何在Laravel设立CORS, 以便获得证书和具体来源?
原标题:How to set up CORS in Laravel to allow credentials and specific origins?
I’m working on a Laravel application that needs to handle CORS for requests coming from a Vue 3 frontend. I am encountering a CORS error related to credentials, and I need help configuring CORS correctly in my Laravel backend. I receive the following error when trying to make an XMLHttpRequest from my Vue application to my Laravel backend: Access to XMLHttpRequest at http://127.0.0.1:8000/api/oauth/token from origin http://127.0.0.1:5173 has been blocked by CORS policy: Response to preflight request doesn t pass access control check: The value of the Access-Control-Allow-Credentials header in the response is which must be true when the request s credentials mode is include .
问题回答
You can handle CORS in Laravel by manually setting the appropriate headers in your middleware. Here s how you can do it: This solution is for older laravel versions, for laravel 11+, run: php artisan config:publish cors and adjust your settings in the cors config 1. Create a Custom Middleware create a custom middleware that will handle the CORS settings: php artisan make:middleware HandleCors 2. Configure the Middleware open the newly created HandleCors.php file and modify it to include the necessary CORS headers: namespace AppHttpMiddleware; use Closure; class HandleCors { /** * Handle an incoming request. * * @param IlluminateHttpRequest $request * @param Closure $next * @return mixed */ public function handle($request, Closure $next) { $response = $next($request); $response->headers->set( Access-Control-Allow-Origin , http://127.0.0.1:5173 ); // or other domain $response->headers->set( Access-Control-Allow-Methods , GET, POST, PUT, DELETE, OPTIONS ); $response->headers->set( Access-Control-Allow-Headers , Content-Type, Authorization ); $response->headers->set( Access-Control-Allow-Credentials , true ); // Handle preflight requests if ($request->getMethod() === OPTIONS ) { $response->setStatusCode(200); return $response; } return $response; } } 3. Register the Middleware Register the middleware in the app/Http/Kernel.php file. You can either add it to the global middleware stack or just to the api middleware group: protected $middleware = [ // ... AppHttpMiddlewareHandleCors::class, // ... ]; // OR in the $middlewareGroups for api protected $middlewareGroups = [ api => [ // ... AppHttpMiddlewareHandleCors::class, ], ]; 4. Clear Configuration Cache (if needed) If you encounter any issues, clear the configuration cache: php artisan config:cache




相关问题
selected text in iframe

How to get a selected text inside a iframe. I my page i m having a iframe which is editable true. So how can i get the selected text in that iframe.

How to fire event handlers on the link using javascript

I would like to click a link in my page using javascript. I would like to Fire event handlers on the link without navigating. How can this be done? This has to work both in firefox and Internet ...

How to Add script codes before the </body> tag ASP.NET

Heres the problem, In Masterpage, the google analytics code were pasted before the end of body tag. In ASPX page, I need to generate a script (google addItem tracker) using codebehind ClientScript ...

Clipboard access using Javascript - sans Flash?

Is there a reliable way to access the client machine s clipboard using Javascript? I continue to run into permissions issues when attempting to do this. How does Google Docs do this? Do they use ...

javascript debugging question

I have a large javascript which I didn t write but I need to use it and I m slowely going trough it trying to figure out what does it do and how, I m using alert to print out what it does but now I ...

Parsing date like twitter

I ve made a little forum and I want parse the date on newest posts like twitter, you know "posted 40 minutes ago ","posted 1 hour ago"... What s the best way ? Thanx.

热门标签