fruitcake-laravel-cors-跨域

下载安装

composer require fruitcake/laravel-cors

使用

发布配置文件

php artisan vendor:publish --tag="cors"

自定义 header头时，好比： Authorization、 Content-type时，要设置 allowed_headers来包含这些header信息，也能够设置为 [*]以容许全部请求haeder信息

若是要精确设置请求白名单，则必须将白名单包含进allowed_methods所对应的数组

<?php

return [

    /*
     * You can enable CORS for 1 or multiple paths.
     * Example: ['api/*']
     */
    'paths' => [],

    /*
    * Matches the request method. `[*]` allows all methods.
    */
    'allowed_methods' => ['*'],

    /*
     * Matches the request origin. `[*]` allows all origins.
     */
    'allowed_origins' => ['*'],

    /*
     * Matches the request origin with, similar to `Request::is()`
     */
    'allowed_origins_patterns' => [],

    /*
     * Sets the Access-Control-Allow-Headers response header. `[*]` allows all headers.
     */
    'allowed_headers' => ['*'],

    /*
     * Sets the Access-Control-Expose-Headers response header.
     */
    'exposed_headers' => false,

    /*
     * Sets the Access-Control-Max-Age response header.
     */
    'max_age' => false,

    /*
     * Sets the Access-Control-Allow-Credentials header.
     */
    'supports_credentials' => false,
];

allowed_origins allowed_headers 和 allowed_methods能够设置成['*'] 来容许全部值

容许全部api跨域请求，添加 HandleCors中间件到 app/Http/Kernel.php的 $middleware属性里：

protected $middleware = [
    // ...
    \Fruitcake\Cors\HandleCors::class,
];

在 $routeMiddleware属性里添加：

protected $routeMiddleware = [
    'cors' => \Fruitcake\Cors\HandleCors::class,
]

在 config/app.php 的 providers里添加服务提供者：

'providers' => [
    ...
    Fruitcake\Cors\CorsServiceProvider::class,
]

在 routes/api.php里添加路由 cors中间件：

Route::middleware('cors')->group(function () {
    Route::get('dashboard', function () {
        return view('dashboard');
    });
});