No 'Access-Control-Allow-Origin' #421
Comments
Experiencing the same problem, what might be the issue |
Same here |
Same |
GET requests seem to be working fine, POST requests are not going through in my case |
What is your config? |
|
Did you clear the config cache? What is the actual path you post to? |
I've cleared config cache. Posting to http://localhost/capslock-admin/backend/public/api/login |
That's an unusual path, perhaps try * or |
If I set paths to 'paths' => ['*'] GET requests work. POST requests are not working at all |
And you added the middleware to the global middleware? Not just the group? |
same problem here, I did add the HandleCors to the globale middlewares...set config to '*' on neccessary fields... |
I added the middleware, didn't work. Removed it, still didn't work |
Cam you add some logging to https://github.com/fruitcake/laravel-cors/blob/master/src/HandleCors.php ? Maybe check if shouldRun or isMatchingPath are returning true correctly. |
I found my issue: I had to sent "Accept: application/json" HTTP-Header to laravel...without "accept"-header it does not work. |
Maybe you should check |
+1 I have some issue to. No problem with get request |
I had to sent "Accept: application/json" HTTP-Header to laravel. Not working. |
In my case, it happen if I read base64 data from $request. But if I not read there is no problem |
Are you not having errors (eg. CSRF errors?) Can you put some loggers? Is the same request working with Postman? Can you show how you output/create the response? |
Hi, thanks for your response. This my config
|
Are all of you using some sub-path? eg. localhost/yourproject/public/api.. ? |
I use /public/ just only for development |
Are you sure the ReactJS is not sending a OPTIONS request before the POST request? Every time struggling with that again with NuxtJS. Mostly the server configuration needs to change to allow method request OPTIONS to fix this for me. |
Same error here |
Does it happen with php artisan:serve? Did you clear the cache (config etc) and check the permissions for the storage/bootstrap folders? |
I faced the same problem, and tried everything mentioned above, still not working |
Did you guys consider trying returning JSON (or checking if it returns JSON)? |
I had this same issue and it seems to have been resolved by adding HandleCors::class to the top of the $middlewarePriority list in addition to the $middleware list as noted in the docs:
|
Did you allow credentials? |
@barryvdh you mean 'supports_credentials'? It is set to true. |
so it's not the default config? Can you please post the exact config + request headers and response headers (as seen in dev tools) |
Cors.php
Request headers
Response
|
I've created an issue template, can you all verify these steps and create a new issue if it doesn't work? Before you start Check your config Clear your caches |
In my case, there is no problem when api request to |
It is solved when I delete the code in controller :3 . So please delete if you use.
|
please I have the problem 3 days and I can't find a solution "Laravel 6" that frustrating Having the same problem here. Using the default config on production and doing a request with
protected $middleware = [
|
For my case, After several hours drill down to HandlerCors and CorsService class, the path should be set, else all request will become non-cors |
@saavedraphp you allow api/* but your request is /estados ? |
is there a fix for this issue yet? |
@carlomigueldy What I did to make this work is code in endpoints within Laravel to use and then use a Guzzle request within Laravel to request the external source. |
can u show an example? @Brandutchmen |
I have the same problem. in my case, i have the route 'api/carga/detail/{id}' with ok response, but the route 'api/carga/uploader' return "No 'Access-Control-Allow-Origin'" error. the only difference in the last one endpoint is that it comes with form-data (files) from the origin. My cors setting is: I hope to find any solution. |
@jardila It looks like your api request url is your yoururl/api/cargo/uploader, but your devtools is using port 3000. That might be contributing to your problem. Otherwise, I assume that route is resolving to a controller in Laravel? What does your controller on that one look like? |
Thanks @Brandutchmen for your feedback, yes, my app is using the 3000 port but that is not the problem, searching a bit, i find that the problem might be nginx because i had forgotten set 'client_max_body_size' variable (i'm using files very long) and when i put the corresponding value to nginx 'client_max_body_size' the error now is the request send my FormData empty and my controller receive it but generate an error because the file form does not comes with the request. I will find any solution and will post here if i can do it. |
@carlomigueldy So here is an sample of a working CORS setup on one of my projects:
Route (routes /getData to the controller@getData) Cors config: (This is probably not configured in the most optimal way, just a quick test)
Vue Method:
|
@jardila Yeah. That does sound like it could be affecting it. I haven't seen client_max_body_size cause cors errors before. Interesting. |
Effectively, the problem was in my nginx and php configuration. When i configure my nginx and php upload file size in order to allow upload files very long the error disappears. Now the error is in another process but it has nothing to do with cors configuration. This was in my nginx log error file:
Thank you so much. |
Please, review this for fix any problem with files in the request. |
in case it works with php artisan serve? |
Before you start But I changed it to use this following the upgrade guide of laravel Check your config 'paths' => ['api/*'],
'allowed_methods' => ['*'],
'allowed_origins' => ['*'],
'allowed_origins_patterns' => [],
'allowed_headers' => ['*'],
'exposed_headers' => [],
'max_age' => 0,
'supports_credentials' => false, [ ] Make sure the middleware is added to the global middleware in your Http Kernel (not group) Clear your caches I saw you were asking to try this with php artisan serve, the problem persists within inside laradock and php artisan serve. The route im trying to access is These are the Request headers
And this the Response headers
This is for the OPTIONS verb during the preflight. I will add a custom middleware for now. I hope this info helps. UPDATE: Some context, I used to had this package version 'supportsCredentials' => false,
'allowedOrigins' => ['*'],
'allowedOriginsPatterns' => [],
'allowedHeaders' => ['*'],
'allowedMethods' => ['*'],
'exposedHeaders' => [],
'maxAge' => 0, |
So what is X-Powered-By: Express? Is that a Laravel server or expressjs? The endpoint needs the headers. And please create separate issues. |
I found the solution, the problem was how i put the address. thank you very much. here the correct Route::get('estados/pais/', 'UsuarioController@getEstadosByPais'); if (this.selected_pais !="") {
SEE THE ERROR IMAGE ABOVE |
I have a better one. I had the exact issue with cors. Everything was configured properly, the urls was fine I was hitting right endpoint. But in the middle of development this cors error occured in console. What i did was permission change on the storage/ directory. I don't know how permissions impact cors settings, but after setting right permissions everything is fine. It can be specific to my project so if I whenever investigate this I will share my experiences. So, if you have this issue give a try to chmod 777 on the storeage/ directory |
HeY Barry I am facing this only in Firefox :(
cors.php
console error:
|
|
I write everything as stated in the readme.md file but still get an error on my requests.
No 'Access-Control-Allow-Origin' header is present on the requested resource.
I am using Laravel 6
The text was updated successfully, but these errors were encountered: