4 months ago

Laravel 7 CORS configuration issue axios - external api

Posted 4 months ago by FrankClark

Hello There,

I am having a CORS issue, which seems to be the case every time I create a Laravel project. I've thrown a lot of sh*t at the wall but so far nothing has stuck.

Laravel 7 now apparently has CORS built in, and I believe I have it configured correctly. I have made some changes to the configuration in an attempt to force it to work. Here is my config :

return [

    'paths' => ['*'],
    'allowed_methods' => ['*'],
    'allowed_origins' => ['*'],
    'allowed_origins_patterns' => ['*'],
    'allowed_headers' => ['*'],
    'exposed_headers' => [
    'max_age' => 0,
    'supports_credentials' => false,


In my bootstrap.js I have

window.axios = require('axios');

window.axios.defaults.headers.common['X-Requested-With'] = 'XMLHttpRequest';
window.axios.defaults.headers['crossDomain'] = true;
window.axios.defaults.headers['Access-Control-Allow-Origin'] = '*';

let csrf = document.querySelector('meta[name="csrf-token"]');
if (csrf) {
    window.token = csrf.getAttribute('content');
    window.axios.defaults.headers.common["X-CSRF-TOKEN"] = window.token;
} else {
    console.error("CSRF token not found!")

My actual axios request (included the headers again to be sure)

axios.get(``, {headers: {
                      'crossDomain': true,
                      'Access-Control-Allow-Origin': '*',
                      'Content-Type': 'application/json',
                      'Access-Control-Allow-Methods': 'POST, GET, OPTIONS, PATCH, PUT',
                  },}).then((response) => {
              }).catch((error) => {


I am also using latests Homestead.

Any advise would be greatly appreciated.

Please sign in or create an account to participate in this conversation.