Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
So I am trying to solve a cors redirect issue. It has something to do with origin is not the same as the redirect so it returns an alarm. I have read that you can modify the nginx.conf file to handle this issue but still no luck. here is the command I am running
curl -s -D - -H "Origin: https://subdomain.mydomain.io" -X OPTIONS https://subdomain.mydomain.pro/api/account -o /dev/null
and this is the response I get
HTTP/1.1 204 No Content
Server: nginx/1.15.6
Date: Mon, 24 Dec 2018 01:21:06 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Check out barryvdh/laravel-cors. Basically, you'd need a middleware to add these headers to every or some response(s). Given that the above package exists, I'd suggest looking at how they've done it if you actually want to understand how it's done; or just use that dependency if it seems fit.
@XEWL - @xewl , thanks for the help. this post is kind of screwed up because what I originally posted I solved right after and was attempting to acutally delete the post which I guess I can't. so I had to add *.myurl.com to the nginx config file on laravel forge. Which actually ended up not really being a cors package issue and just a configuration isssue on the server. I am ussing spatie/laravel-cors. Once I added the wild card subdomain it fixed the 301 redirect.
Please or to participate in this conversation.