Created
June 13, 2016 22:47
-
-
Save drewjoh/43ba206c1cde9ace35de154a5c84fc6d to your computer and use it in GitHub Desktop.
Revisions
-
drewjoh created this gist
Jun 13, 2016 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,14 @@ <?php // /app/Http/Middleware/Cors.php namespace App\Http\Middleware; use Closure; class Cors { public function handle($request, Closure $next) { return $next($request) ->header('Access-Control-Allow-Origin', '*') ->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS'); } } This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,8 @@ <?php // /app/Http/Kernel.php protected $routeMiddleware = [ 'auth' => \App\Http\Middleware\Authenticate::class, 'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class, 'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class, 'cors' => \App\Http\Middleware\Cors::class, // <<< add this line ]; This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,24 @@ CORS stands for Cross-Origin Resource Sharing an is a specification that allow modern browsers to request (and receive) data from a domain other than the one serving the page that made the request. You're building a site with cool cross domain features, and then you try to make a XHR request, you see the following message in your browser’s console: ``` XMLHttpRequest cannot load http://site123.local. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://site.local' is therefore not allowed access. The response had HTTP status code 500. ``` This means your server is not sending back to the client the headers that allow CORS: 1.Access-Control-Allow-Origin 2.Access-Control-Allow-Methods So we'll make a Laravel Middleware to fix this. (You could also add the proper headers at the Ngnix level). Create new middleware: ``` php artisan make:middleware Cors ``` Then follow the file examples in this gist to make it happen. See [http://enable-cors.org/](http://enable-cors.org/) for more information. This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,5 @@ <?php Route::get('', ['middleware' => 'cors', function() { return 'You did it!'; }]);