c

Jeff Balicki
Showing 1 changed file with 3 additions and 2 deletions
app/Http/Middleware/Cors.php
--- a/app/Http/Middleware/Cors.php
View file @31cb8c3
+++ b/app/Http/Middleware/Cors.php
View file @31cb8c3
@@ -23,9 +23,10 @@ class Cors
            'Access-Control-Allow-Headers'=> 'Content-Type, X-Auth-Token, Origin',
            'Access-Control-Max-Age'=> '28800'
        ];
-        
+        if($request->getMethod() == "OPTIONS") {
+            // The client-side application can set only headers allowed in Access-Control-Allow-Headers
            return Response::make('OK', 200, $headers);
-        
+        }

        $response = $next($request);
        foreach($headers as $key => $value)