The answer to this is the same as in your previous thread:
https://laracasts.com/discuss/channels/laravel/has-been-blocked-by-cors-policy
Access to XMLHttpRequest at 'http://localhost:8000/sanctum/csrf-cookie' from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute. xhr.js:177 GET http://localhost:8000/sanctum/csrf-cookie net::ERR_FAILED
My Cors :
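// Routes on which the CORS middleware adds its headers. The SPA on
// http://localhost:3000 calls these on http://localhost:8000, so each one must be listed.
'paths' =>
[
    'api/*',
    'sanctum/csrf-cookie',
    'login',
    'register',
    'logout'
],
'allowed_methods' => ['*'],
// A wildcard origin cannot be combined with 'supports_credentials' => true:
// the browser refuses a credentialed response whose Access-Control-Allow-Origin
// is '*', which is exactly the preflight error reported for /sanctum/csrf-cookie.
// List the SPA origin explicitly, with scheme and port, because it is compared
// against the request's Origin header ('http://localhost:3000'); bare
// 'localhost:3000' would not match. The API's own origin does not need an entry.
'allowed_origins' => ['http://localhost:3000'],
'allowed_origins_patterns' => [],
'allowed_headers' => ['*'],
'exposed_headers' => [],
// 0 means the browser does not cache preflight results.
'max_age' => 0,
// Required so the session and XSRF cookies are accepted on cross-origin requests;
// keep the origin list above as narrow as possible while this is enabled.
'supports_credentials' => true,
];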
My react :
import React, { useState } from 'react' import App from './../../layouts/App'; import axios from 'axios' axios.defaults.withCredentials = true
export default function Login() {
const [email,setEmail]= useState('[email protected]');
const [password,setPassword]= useState('lupalupa23');
let credentials = {email,password}
// Submit handler for the login form. Runs the three requests of the cookie-based
// login flow in order against the API on http://localhost:8000; axios sends cookies
// on each of them because axios.defaults.withCredentials is set to true in this file.
const submitHandler = async (event) => {
    event.preventDefault();

    // 1. Hit the CSRF cookie endpoint before any state-changing request.
    await axios.get('http://localhost:8000/sanctum/csrf-cookie');

    // 2. Send the email/password pair held in `credentials`.
    await axios.post('http://localhost:8000/login', credentials);

    // 3. Read back /api/me (presumably the authenticated user; confirm against the API)
    //    and log the `data` field of the response payload.
    const response = await axios.get('http://localhost:8000/api/me');
    console.log(response.data.data);
};
my env :
# NOTE(review): APP_KEY below is shown in full. Laravel uses this key for encryption
# and for signing cookies and session data, so a key that has been posted publicly
# should be treated as disclosed and regenerated (php artisan key:generate) before
# the project is used anywhere beyond a local machine.
# APP_DEBUG=true and DB_USERNAME=root with an empty DB_PASSWORD are local-development
# settings only.
APP_NAME=screencast APP_ENV=local APP_KEY=base64:zsQ8a4/T8xznK70XrKBoSoPGi2X1Vs7WIDYWRiFIdxc= APP_DEBUG=true APP_URL=http://localhost SPA_URL=http://localhost:3000
LOG_CHANNEL=stack LOG_LEVEL=debug
DB_CONNECTION=mysql DB_HOST=127.0.0.1 DB_PORT=3306 DB_DATABASE=screencast DB_USERNAME=root DB_PASSWORD=
# SESSION_DOMAIN and SANCTUM_STATEFUL_DOMAINS control which front-end hosts get
# cookie-based (stateful) authentication; here only localhost:3000 is listed, so the
# CORS allowed origin should name that same host rather than a wildcard.
BROADCAST_DRIVER=log CACHE_DRIVER=file FILESYSTEM_DRIVER=local QUEUE_CONNECTION=sync SESSION_DRIVER=file SESSION_LIFETIME=120 SESSION_DOMAIN=localhost SANCTUM_STATEFUL_DOMAINS=localhost:3000
MEMCACHED_HOST=127.0.0.1
REDIS_HOST=127.0.0.1 REDIS_PASSWORD=null REDIS_PORT=6379
MAIL_MAILER=smtp MAIL_HOST=mailhog MAIL_PORT=1025 MAIL_USERNAME=null MAIL_PASSWORD=null MAIL_ENCRYPTION=null MAIL_FROM_ADDRESS=null MAIL_FROM_NAME="${APP_NAME}"
AWS_ACCESS_KEY_ID= AWS_SECRET_ACCESS_KEY= AWS_DEFAULT_REGION=us-east-1 AWS_BUCKET= AWS_USE_PATH_STYLE_ENDPOINT=false
PUSHER_APP_ID= PUSHER_APP_KEY= PUSHER_APP_SECRET= PUSHER_APP_CLUSTER=mt1