PHPackages                             elevationdigital/laravel-cors - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [API Development](/categories/api)
4. /
5. elevationdigital/laravel-cors

ActiveLibrary[API Development](/categories/api)

elevationdigital/laravel-cors
=============================

Adds CORS (Cross-Origin Resource Sharing) headers support in your Laravel application

v1.0.3(6y ago)012MITPHPPHP &gt;=7

Since Dec 15Pushed 6y agoCompare

[ Source](https://github.com/elevationdigital/laravel-cors)[ Packagist](https://packagist.org/packages/elevationdigital/laravel-cors)[ RSS](/packages/elevationdigital-laravel-cors/feed)WikiDiscussions master Synced today

READMEChangelogDependencies (9)Versions (42)Used By (0)

CORS Middleware for Laravel
===========================

[](#cors-middleware-for-laravel)

[![Software License](https://camo.githubusercontent.com/55c0218c8f8009f06ad4ddae837ddd05301481fcf0dff8e0ed9dadda8780713e/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e73652d4d49542d627269676874677265656e2e7376673f7374796c653d666c61742d737175617265)](LICENSE.md)[![Build Status](https://camo.githubusercontent.com/630da84fa166c01bbc739ff1ff80648456728755c8c2095fb54691744d910c95/68747470733a2f2f696d672e736869656c64732e696f2f7472617669732f667275697463616b652f6c61726176656c2d636f72732f6d61737465722e7376673f7374796c653d666c61742d737175617265)](https://travis-ci.org/fruitcake/laravel-cors)[![Total Downloads](https://camo.githubusercontent.com/df6f92cf998d9cef9241af9190a17a9bcd5cb310faebad1d6777b876e0a34935/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f667275697463616b652f6c61726176656c2d636f72732e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/fruitcake/laravel-cors)

Based on

About
-----

[](#about)

The `laravel-cors` package allows you to send [Cross-Origin Resource Sharing](http://enable-cors.org/)headers with Laravel middleware configuration.

If you want to have a global overview of CORS workflow, you can browse this [image](http://www.html5rocks.com/static/images/cors_server_flowchart.png).

Upgrading from 0.x
------------------

[](#upgrading-from-0x)

When upgrading from 0.x versions, there are some breaking changes:

- The vendor name has changed (see installation/usage)
- Group middleware is no longer supported.
- A new 'paths' property is used to enable/disable CORS on certain routes. This is empty by default!

Features
--------

[](#features)

- Handles CORS pre-flight OPTIONS requests
- Adds CORS headers to your responses
- Match routes to only add CORS to certain Requests

Installation
------------

[](#installation)

Require the `fruitcake/laravel-cors` package in your `composer.json` and update your dependencies:

```
composer require fruitcake/laravel-cors
```

Global usage
------------

[](#global-usage)

To allow CORS for all your routes, add the `HandleCors` middleware in the `$middleware` property of `app/Http/Kernel.php` class:

```
protected $middleware = [
    // ...
    \Fruitcake\Cors\HandleCors::class,
];
```

Now update the config to define the paths you want to run the CORS service on, (see Configuration below):

```
'paths' => ['api/*'],
```

Configuration
-------------

[](#configuration)

The defaults are set in `config/cors.php`. Publish the config to copy the file to your own config:

```
php artisan vendor:publish --tag="cors"
```

> **Note:** When using custom headers, like `X-Auth-Token` or `X-Requested-With`, you must set the `allowed_headers` to include those headers. You can also set it to `['*']` to allow all custom headers.

> **Note:** If you are explicitly whitelisting headers, you must include `Origin` or requests will fail to be recognized as CORS.

```
