Register the CatchAllOptionsRequestsProvider
service provider in bootstrap/app.php
which will check the incoming request and response successfully if it is an OPTIONS
request.
Add the CorsMiddleware
to the $app->middleware([
array in bootstrap/app.php
which will attach the following CORS headers to all responses:
- allow all headers
- allow requests from all origins
- allow all the headers which were provided in the request
My solution was creating CorsMiddleware as below:
Then register the middleware with a name in bootstrap/app.php as below:
Then wrapping required routes between the defined middleware in routes/web.php as below, and adding an additional rule to handle preflight OPTIONS requests:
NOTE
Using Chrome, you can get a more detailed error message than Firefox, which will help you to fix the problem and exactly states why there is no Access-Control-Allow-Origin in the response header. Also, keep in mind that any kind of redirect is not allowed in the preflight request, so make sure you don't have such rule in your .htaccess or any other place.