jleonardolemos/cors.php

## cors.php
<?php

namespace App\Http\Middleware;

use Closure;

class Cors {
    public function handle($request, Closure $next)
    {
        return $next($request)
            ->header('Access-Control-Allow-Origin', '*')
            //->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS')
            //->header('Access-Control-Allow-Credentials', 'true')
            //->header('Access-Control-Max-Age', '10000')
            //->header('Access-Control-Allow-Headers', 'Content-Type, Authorization, X-Requested-With, x-xsrf-token');
            ->header('Access-Control-Allow-Headers', 'x-xsrf-token');
    }
}
	<?php

	namespace App\Http\Middleware;

	use Closure;

	class Cors {
	public function handle($request, Closure $next)
	{
	return $next($request)
	->header('Access-Control-Allow-Origin', '*')
	//->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS')
	//->header('Access-Control-Allow-Credentials', 'true')
	//->header('Access-Control-Max-Age', '10000')
	//->header('Access-Control-Allow-Headers', 'Content-Type, Authorization, X-Requested-With, x-xsrf-token');
	->header('Access-Control-Allow-Headers', 'x-xsrf-token');
	}
	}