Level 1
Have you tried to add: 'https://myurl.com' to your array of allow_origins?
Dec 21, 2018
4
Level 2
Laravel Cors Issue On Production Server(NGINX)
I am running into an issue on my production server that did not come about when running things locally. I have a separate front end making requests to my laravel backend. I installed the the spatie/laravel-cors package to handle cors and like I said locally it works fine. Once I loaded it to my digital ocean droplet using forge I started getting this alarm
has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.
I am not sure how I can trouble shoot this issue and I have tried every option I can find available. Desperate for a solution.
here is the cors.php configu file
<?php
return [
/*
* A cors profile determines which origins, methods, headers are allowed for
* a given requests. The `DefaultProfile` reads its configuration from this
* config file.
*
* You can easily create your own cors profile.
* More info: https://github.com/spatie/laravel-cors/#creating-your-own-cors-profile
*/
'cors_profile' => Spatie\Cors\CorsProfile\DefaultProfile::class,
/*
* This configuration is used by `DefaultProfile`.
*/
'default_profile' => [
'allow_credentials' => false,
'allow_origins' => [
'https://*.myurl.com',
],
'allow_methods' => [
'POST',
'OPTIONS',
'GET',
'PUT',
'PATCH',
'DELETE',
],
'allow_headers' => [
'Content-Type',
'X-Auth-Token',
'Origin',
'Authorization',
],
'expose_headers' => [
'Cache-Control',
'Content-Language',
'Content-Type',
'Expires',
'Last-Modified',
'Pragma',
],
'forbidden_response' => [
'message' => 'Forbidden (cors).',
'status' => 403,
],
/*
* Preflight request will respond with value for the max age header.
*/
'max_age' => 60 * 60 * 24,
],
];
I tried allow origins like this as well
'allow_origins' => [
'*',
],
but still no luck.
any help would be greatly appreciated!!
Level 2
@ZEROHOUR - yes I have. I have tried just about every solution I can find on the internet with no success yet. Thank for the help though!
1 like
Level 2
the issue was with laravel forge config file. because I am making requests to subdomains on the server and not just the main domain, I had to tell the server to accept requests to subdomains. in the nginx config file I added *.myurl.com and it resolved the alarm 301 permanently moved. So even though in the console it said it was a cors issue it was with the server and not the cors package.
1 like
@boldstar hi im exactly recevie error in subdomain please tell How change config ngnix and solve error
Please or to participate in this conversation.