Level 6
Solved the issue!
Jul 20, 2024
3
Level 6
Laravel Cors with Subdomain Issue
I have multi tenancy backend(laravel - tenancyforlaravel) with subdomain identification with vue SPA frontend, and It work perfectly for central domain 'test:5173 - frontend' and 'test:8000 - backend' but for subdomain this issue happen:
test.localhost/:1 Access to XMLHttpRequest at 'http://test.localhost/api/v1' from origin 'http://test.localhost:5173' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
This is my cors file:
<?php
return [
'paths' => ['api/*', 'sanctum/csrf-cookie'],
'allowed_methods' => ['*'],
'allowed_origins' => ['*'],
'allowed_origins_patterns' => [''],
'allowed_headers' => ['*'],
'exposed_headers' => [],
'max_age' => 0,
'supports_credentials' => false,
];
So how to make sure CORS accept any subdomain wildcard? or solve the issue?
Level 1
I am having the same issue , how did you resolve this ?
Level 6
@Natnael_Men Make sure you dont have any error then use this for your config.cors file:
<?php
return [
'paths' => ['api/*', 'sanctum/csrf-cookie'],
'allowed_methods' => ['*'],
'allowed_origins' => ['*'],
'allowed_origins_patterns' => ['/^http:\/\/([a-z0-9-]+\.localhost)(:[0-9]+)?$/', '/^https:\/\/([a-z0-9-]+\.)?yourdomain\.com$/'],
'allowed_headers' => ['*'],
'exposed_headers' => [],
'max_age' => 0,
'supports_credentials' => false,
];
Please or to participate in this conversation.