Skip to content

Instantly share code, notes, and snippets.

@danharper

danharper/CatchAllOptionsRequestsProvider.php

Last active August 2, 2025 18:24
Show Gist options
  • Save danharper/06d2386f0b826b669552 to your computer and use it in GitHub Desktop.
Save danharper/06d2386f0b826b669552 to your computer and use it in GitHub Desktop.
Download ZIP
Lumen with CORS and OPTIONS requests
Raw
CatchAllOptionsRequestsProvider.php
<?php namespace App\Providers;
use Illuminate\Support\ServiceProvider;
/**
* If the incoming request is an OPTIONS request
* we will register a handler for the requested route
*/
class CatchAllOptionsRequestsProvider extends ServiceProvider {
public function register()
{
$request = app('request');
if ($request->isMethod('OPTIONS'))
{
app()->options($request->path(), function() { return response('', 200); });
}
}
}
Raw
CorsMiddleware.php
<?php namespace App\Http\Middleware;
class CorsMiddleware {
public function handle($request, \Closure $next)
{
$response = $next($request);
$response->header('Access-Control-Allow-Methods', 'HEAD, GET, POST, PUT, PATCH, DELETE');
$response->header('Access-Control-Allow-Headers', $request->header('Access-Control-Request-Headers'));
$response->header('Access-Control-Allow-Origin', '*');
return $response;
}
}
Raw
usage.md

Register the CatchAllOptionsRequestsProvider service provider in bootstrap/app.php which will check the incoming request and response successfully if it is an OPTIONS request.

Add the CorsMiddleware to the $app->middleware([ array in bootstrap/app.php which will attach the following CORS headers to all responses:

  • allow all headers
  • allow requests from all origins
  • allow all the headers which were provided in the request
@rvalitov
Copy link

rvalitov commented Oct 8, 2021

A single file solution with CorsMiddleware.php worked like a charm with Lumen 8.x. The only issue I had that my .htaccess file was not default and was adjusted with the following command:

RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ $1 [R=200,L]

In my case I had to remove these lines to make things work.

@saydin
Copy link

saydin commented Oct 8, 2021
edited
Loading

Hello everyone again. I solved my error related to this issue. I share my answer with you below.

image
Due to the middleware structure, it returns and switches to the next request after processing. If an error is encountered after the request middleware has passed and did not return, the return value will be null.

For example, after I pass the request from the cors middleware, I am sending a mail via a event as a result of a series of operations. However, even though I changed the mail blade I sent, the cors middleware response value returns null because the php document created in ~/storage/framework/views does not update, and an error occurs.

https://stackoverflow.com/questions/68739232/call-to-a-member-function-header-on-null-in-cors-middleware-in-lumen/68760328#68760328

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment