df
Showing
3 changed files
with
17 additions
and
13 deletions
| ... | @@ -16,14 +16,9 @@ class Cors | ... | @@ -16,14 +16,9 @@ class Cors |
| 16 | */ | 16 | */ |
| 17 | public function handle($request, Closure $next) | 17 | public function handle($request, Closure $next) |
| 18 | { | 18 | { |
| 19 | return $next($request) | 19 | |
| 20 | ->header('Access-Control-Allow-Origin', $_SERVER['HTTP_ORIGIN']) | 20 | return $next($request)->header('Access-Control-Allow-Origin' , '*') |
| 21 | // Depending of your application you can't use '*' | 21 | ->header('Access-Control-Allow-Methods', 'POST, GET, OPTIONS, PUT, DELETE') |
| 22 | // Some security CORS concerns | 22 | ->header('Access-Control-Allow-Headers', 'Content-Type, Accept, Authorization, X-Requested-With'); |
| 23 | ->header('Access-Control-Allow-Origin', '*') | 23 | } |
| 24 | ->header('Access-Control-Allow-Methods', 'POST, OPTIONS') | ||
| 25 | ->header('Access-Control-Allow-Credentials', 'true') | ||
| 26 | ->header('Access-Control-Max-Age', '10000') | ||
| 27 | ->header('Access-Control-Allow-Headers', 'Content-Type, Authorization, X-Requested-With'); | ||
| 28 | } | 24 | } |
| 29 | } | ||
| ... | \ No newline at end of file | ... | \ No newline at end of file | ... | ... |
| 1 | |||
| 1 | <IfModule mod_rewrite.c> | 2 | <IfModule mod_rewrite.c> |
| 2 | <IfModule mod_negotiation.c> | 3 | <IfModule mod_negotiation.c> |
| 3 | Options -MultiViews | 4 | Options -MultiViews |
| ... | @@ -15,7 +16,8 @@ | ... | @@ -15,7 +16,8 @@ |
| 15 | RewriteRule ^ index.php [L] | 16 | RewriteRule ^ index.php [L] |
| 16 | 17 | ||
| 17 | # Handle Authorization Header | 18 | # Handle Authorization Header |
| 18 | RewriteCond %{HTTP:Authorization} . | 19 | Header add Access-Control-Allow-Origin "*" |
| 19 | RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] | 20 | Header add Access-Control-Allow-Headers "origin, x-requested-with, content-type" |
| 21 | Header add Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS" | ||
| 20 | </IfModule> | 22 | </IfModule> |
| 21 | Header set Access-Control-Allow-Origin "*" | 23 | ... | ... |
| ... | @@ -8,6 +8,8 @@ | ... | @@ -8,6 +8,8 @@ |
| 8 | */ | 8 | */ |
| 9 | 9 | ||
| 10 | /* | 10 | /* |
| 11 | * | ||
| 12 | * | ||
| 11 | |-------------------------------------------------------------------------- | 13 | |-------------------------------------------------------------------------- |
| 12 | | Register The Auto Loader | 14 | | Register The Auto Loader |
| 13 | |-------------------------------------------------------------------------- | 15 | |-------------------------------------------------------------------------- |
| ... | @@ -19,6 +21,11 @@ | ... | @@ -19,6 +21,11 @@ |
| 19 | | | 21 | | |
| 20 | */ | 22 | */ |
| 21 | 23 | ||
| 24 | header('Access-Control-Allow-Origin: *'); | ||
| 25 | header('Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS'); | ||
| 26 | header('Access-Control-Allow-Headers: Origin, Content-Type, X-Auth-Token'); // allow certain headers | ||
| 27 | |||
| 28 | |||
| 22 | require __DIR__.'/../bootstrap/autoload.php'; | 29 | require __DIR__.'/../bootstrap/autoload.php'; |
| 23 | 30 | ||
| 24 | /* | 31 | /* | ... | ... |
-
Please register or sign in to post a comment