ARTICLE AD BOX
Apparently CORS just works with Laravel 12, but it doesn't work for me.
Starting from scratch, then
install/api config:publish cors 'paths' => ['api/*', 'sanctum/csrf-cookie'], 'allowed_methods' => ['*'], 'allowed_origins' => ['localhost:3000', '127.0.0.1:3000'], 'allowed_origins_patterns' => [], 'allowed_headers' => ['*'], 'exposed_headers' => [], 'max_age' => 600, 'supports_credentials' => false,Simple routes within api.php:
Route::get('/show/{id}', [EmailController::class, 'show']); Route::post('/search', [EmailController::class, 'search']); Route::post('/search2', [EmailController::class, 'search2']);simple app.php, does it need a middleware setup, or is it always there?
return Application::configure(basePath: dirname(__DIR__)) ->withRouting( web: __DIR__.'/../routes/web.php', api: __DIR__.'/../routes/api.php', commands: __DIR__.'/../routes/console.php', health: '/up', ) ->withMiddleware(function (Middleware $middleware): void { // }) ->withExceptions(function (Exceptions $exceptions): void { // })->create();Postman call, works as expected, but as we know, ignores the origins header.
Access to XMLHttpRequest at 'http://localhost/api/search' from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.What am I missing?
