Answer the question
In order to leave comments, you need to log in
I
I
IvanKalinin2015-07-12 05:03:00
IvanKalinin, 2015-07-12 05:03:00
How to win / disable cross-domain request check?
All the best.
I'm trying to figure out a bunch of Laravel + AngularJS.
Laravel installed on localhost, then put the angular app in the public folder using the yeoman generator. I run my Angular app using grunt serve to autocompile sass and debug. In fact, the application opens on localhost:9000/#
When trying to write something like $http.get(' localhost/api/...... browsers swear at the absence of the CORs header.
How to get around?
2 answer(s)
@IvanKalinin
@romach3
Please note that for POST / PUT / DELETE requests, the token is also checked, more about this in the documentation .
_
_ _, 2015-07-12 @IvanKalinin
If you do not plan to subsequently use the API from the "left" domains, then you can simply start Chrome with the security policy disabled.
On OS X, it's done like this:
$ open -a Google\ Chrome --args --disable-web-securityR
romach3, 2015-07-12 @romach3
Pass the necessary headers) To do this, you can connect the package:
https://github.com/barryvdh/laravel-cors
Or just create a middleware that will add them to the response and hang it on the necessary routes , something like this:
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Response;
class CORS {
public function handle($request, Closure $next)
{
/** @var Response $response */
$response = $next($request);
return $response->header('Access-Control-Allow-Origin' , '*')
->header('Access-Control-Allow-Methods', 'POST, GET, OPTIONS, PUT, DELETE')
->header('Access-Control-Allow-Headers', 'Content-Type, X-Auth-Token, Origin');
}
}Please note that for POST / PUT / DELETE requests, the token is also checked, more about this in the documentation .
Similar questions
U
V
L
I
D
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question