Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
Hello, i have this error, I dont know if my configuration is bad, or is correctly. File config\cors.php
<?php
return [
/*
|--------------------------------------------------------------------------
| Cross-Origin Resource Sharing (CORS) Configuration
|--------------------------------------------------------------------------
|
| Here you may configure your settings for cross-origin resource sharing
| or "CORS". This determines what cross-origin operations may execute
| in web browsers. You are free to adjust these settings as needed.
|
| To learn more: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
|
*/
'paths' => [
'api/*',
'/*',
'register',
'sanctum/csrf-cookie',
],
'allowed_methods' => ['*'],
'allowed_origins' => ['*'],
'allowed_origins_patterns' => [''],
'allowed_headers' => ['*'],
'exposed_headers' => [],
'max_age' => 0,
'supports_credentials' => true,
];
config\sanctum.php
'stateful' => explode(',', env(
'SANCTUM_STATEFUL_DOMAINS',
'localhost, 127.0.0.1'
// 'localhost,localhost:8080,127.0.0.1,127.0.0.1:8080,::1'
)),
Kernel.php
protected $middlewareGroups = [
'web' => [
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
// \Illuminate\Session\Middleware\AuthenticateSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\App\Http\Middleware\VerifyCsrfToken::class,
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
'api' => [
EnsureFrontendRequestsAreStateful::class,
'throttle:api',
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
];
Model user.php I add HasApitokens and my file .env i have:
SESSION_DOMAIN=localhost:8080
SANCTUM_STATEFUL_DOMAINS=localhost:8080
I use too only localhost, in my project file main of vuejs i have this:
Vue.config.productionTip = false
Vue.prototype.$http = axios
axios.defaults.withCredentials = true
axios.defaults.baseURL = 'http://localhost:8000/'
Vue.use(VueCountryCode);
new Vue({
router,
vuetify,
store,
render: h => h(App)
}).$mount('#app')
and in the methods to send the form i have this
sendRegister(){
this.$http.get('sanctum/csrf-cookie').then(() => {
this.$http.post('register', this.form).then(res=>{
console.log(res)
})
});
},
And i have the error that show you in the images, what is my error in this configuration :/
Essentially the error states that your Access-Control-Allow-Origin header is missing ;-)
A quick google will take you here: https://stackoverflow.com/a/60996583/4875368
config\cors.php need a change in the allowed_origins_patternsarray
You could just whitelist all of them for now (only for dev purposes!)
Like so:
'allowed_origins_patterns' => ['*'],
Not found T_T
Not found? What do you mean? please provide more context...
It seems very strange to me, when I make a query and the query is wrong, I get that the cors policy is blocked, and when it is correct it brings this data. someone knows why? I have this code
public function create(Request $request){
try {
//code...
$validator = Validator::make($request->all(), [
'country' => 'required|string|max:40',
'phone' => 'required|string|max:100',
'email'=> 'required|string|max:255',
'password' => 'required|string|min:6'
]);
if($validator->fails()){
return response([
'Error' => $validator->errors()->all()
],422);
}else{
$country = Country::where('code', $request['iso2'])->get();
$type = TypeUser::find(1)->get();
return var_dump($country);
}
} catch (\Exception $th) {
//throw $th;
return $th;
}
}
when i return $country, I have the data but i return type i have the cors blocked o.o, if someone know help me please, but thanks to help me.
To answer this question you should refer to this
The problem with Cors and exceptions is the same here: when anything abort the request to display content, the headers are not correctly returned so the Cors issue appears.
I forgot to say that the request only sent it to me if the path was api / register
Please or to participate in this conversation.