I am facing a dilemma wit the CORS issue. I have application that is configured as follow:
API: https://abc.mydomain.com (laravel)
front end: https://subdomain.mydomain.com(VueJS)
Both applications have its own virtual host setup using SSL.
The problem I am facing is, currently I have about 35 API routes and they all work fine; however I have ONE route that gives the following Cors error:
Response to preflight request doesn t pass access control check: Redirect is not allowed for a preflight request
I have tried the following:
- Install reverse proxy(apache)
- headers in .htaccess
- add headers in the index.php
- add headers in the virtual host entry
- cors.php manipulatation below is my setup cors.php
allowed_methods => [ * ],
allowed_origins => [ * ],
allowed_origins_patterns => [],
allowed_headers => [ * ],
exposed_headers => [],
max_age => 0,
supports_credentials => false,
http.js
let config = {
baseURL: vue_config.baseURLApi,
crossdomain: true,
headers: {
Access-Control-Allow-Origin : * ,
Accept : application/json ,
Content-Type : application/json ,
X-Requested-With : XMLHttpRequest ,
common: {
Authorization : `Bearer ${auth_token}`,
}
}
I am not sure what else to try. Can someone help. Again. only ONE route give the CORS issue and the controller being used by this route does not have any custom middleware manipulation.