Cors issue inside js library

Hi everybody,

I post here because i tried a lot of solution on the internet and didn't find my answer.

Here is my problem : I'm trying to use a js library that make a request to an url that i enter in a input field.

i can't modify the library because i'm not the owner and i don't know how to allow those request to be perfoms.

Kernel PHP

protected $middleware = [
        // \App\Http\Middleware\TrustHosts::class,
        \App\Http\Middleware\TrustProxies::class,
        \Fruitcake\Cors\HandleCors::class,
        \App\Http\Middleware\PreventRequestsDuringMaintenance::class,
        \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
        \App\Http\Middleware\TrimStrings::class,
        \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
        \Fruitcake\Cors\HandleCors::class,

config/cors.php

return [

    /*
    |--------------------------------------------------------------------------
    | Laravel CORS Options
    |--------------------------------------------------------------------------
    |
    | The allowed_methods and allowed_headers options are case-insensitive.
    |
    | You don't need to provide both allowed_origins and allowed_origins_patterns.
    | If one of the strings passed matches, it is considered a valid origin.
    |
    | If ['*'] is provided to allowed_methods, allowed_origins or allowed_headers
    | all methods / origins / headers are allowed.
    |
    */

    /*
     * You can enable CORS for 1 or multiple paths.
     * Example: ['api/*']
     */
    'paths' => ['api/*'],

    /*
    * Matches the request method. `['*']` allows all methods.
    */
    'allowed_methods' => ['*'],

    /*
     * Matches the request origin. `['*']` allows all origins. Wildcards can be used, eg `*.mydomain.com`
     */
    'allowed_origins' => ['*'],

    /*
     * Patterns that can be used with `preg_match` to match the origin.
     */
    'allowed_origins_patterns' => [],

    /*
     * Sets the Access-Control-Allow-Headers response header. `['*']` allows all headers.
     */
    'allowed_headers' => ['*'],

    /*
     * Sets the Access-Control-Expose-Headers response header with these headers.
     */
    'exposed_headers' => [],

    /*
     * Sets the Access-Control-Max-Age response header when > 0.
     */
    'max_age' => 0,

    /*
     * Sets the Access-Control-Allow-Credentials header.
     */
    'supports_credentials' => false,
];

vuejs script that make cors error

updatef() {
            this.skinRender.clearScene();
            console.log(document.getElementById('skin').type);
            if(document.getElementById('skin').type == File){ //Si c'est un fichier on le charge

                this.url = document.getElementById('skin').files[0];
                this.skinRender.render({
                url : this.url,});
            }else{
                this.url = document.getElementById('skin').value;
                this.skinRender.render(this.url);
            }
        }

the error

Access to image at 'minecraftskins.com/uploads/skins/2022/11/27/you-can-t-see-me-behind-the-screen-21089043.png?v533' from origin 'ht:127.0.0.1:8000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

If you can help me, i tried everything but i can't resolve this issue for now a week.

Thanks in advance, don't hesitate if you need more informations !