php - Laravel Cors (Middleware NOT working) -
i tries enabling cors in laravel 5.4 unfortunately doesn't want work. have included code , error it's giving me below. can finding out why isn't working? have passed required headers.
i have renamed domain domain.uk example purposes , don't wan't expose domain of site yet under development.
routes (made 1 route ::any testing purposes while developing, on production post):
route::group(['domain' => 'api.domain.uk', 'namespace' => 'api'], function() { route::group(['middleware' => ['cors'], 'prefix' => 'call'], function() { route::get('/rooms/{id}/get-locked-status', 'apicontroller@getroomlockstatus'); route::any('/rooms/{id}/update-locked-status', 'apicontroller@updateroomlockstatus'); }); });
error:
xmlhttprequest cannot load http://api.domain.uk/ajax/rooms/1/update-locked-status. no 'access-control-allow-origin' header present on requested resource. origin 'http://ice.domain.uk' therefore not allowed access. response had http status code 500.
middleware:
namespace app\http\middleware; use closure; class cors { /** * handle incoming request. * * @param \illuminate\http\request $request * @param \closure $next * @return mixed */ public function handle($request, closure $next) { return $next($request) ->header('access-control-allow-origin', '*') ->header('access-control-allow-methods', 'get, post, put, delete, options') ->header('access-control-allow-headers', 'content-type, accept, authorization, x-requested-with, application'); } }
ajax:
function toggledoors(roomid) { $.ajax({ url: 'http://api.domain.uk/ajax/rooms/' + roomid + '/update-locked-status', type: "post", success: function(data) { alert(data); } }); }
apicontroller:
<?php namespace app\http\controllers\api; use auth; use app\user; use app\http\controllers\controller; use validator; use redirect; use illuminate\http\request; use app\database\frontend\other\rooms; class apicontroller extends controller { public function getroomlockstatus($id) { $room = rooms::find($id); if ($room == null) { return response('bad request', 400); } else { return $room->rp_locked; } } public function updateroomlockstatus(request $request, $id) { $room = rooms::find($id); if ($room == null) { return response('bad request', 400); } $room->rp_locked = $room->rp_locked == '1' ? '0' : '1'; $room->save(); $responsetext = $room->rp_locked == '1' ? 'your doors have been locked.' : 'your doors have been unlocked.'; return response($responsetext, 200); } }
see https://developer.mozilla.org/en-us/docs/web/http/methods/options#preflighted_requests_in_cors
if problem in options method.
kernel::$routemiddleware not working in laravel 5.4 request method options, see https://github.com/laravel/framework/blob/v5.4.0/src/illuminate/routing/routecollection.php#l214. use cors middleware, enable in kernel::$middleware array. not good, no other way.
for example, use next middleware class spa , api, attention, not middleware 'cors' routes
<?php namespace app\http\middleware; use closure; use illuminate\http\request; use illuminate\http\response; /** * optionscorsresponse middleware - add cors headers if request method options */ class optionscorsresponse { /** * * @param request $request * @param closure $next * @return response */ public function handle($request, closure $next) { /* @var $response response */ $response = $next($request); if (!$request->ismethod('options')) { return $response; } $allow = $response->headers->get('allow'); // true list of allowed methods if (!$allow) { return $response; } $headers = [ 'access-control-allow-methods' => $allow, 'access-control-max-age' => 3600, 'access-control-allow-headers' => 'x-requested-with, origin, x-csrftoken, content-type, accept', ]; return $response->withheaders($headers); } }
and enable in app\http\kernel
protected $middleware = [ // ... \app\http\middleware\optionscorsresponse::class, ];
origin 'http :// ice . domain . uk' therefore not allowed access. response had http status code 500.
debug code, because generate exception. use rest client options method.
Comments
Post a Comment