CORS stands for Cross-Origin Resource Sharing an is a specification that allow modern browsers to request (and receive) data from a domain other than the one serving the page that made the request.
You're building a site with cool cross domain features, and then you try to make a XHR request, you see the following message in your browser’s console:
XMLHttpRequest cannot load http://site123.local. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://site.local' is therefore not allowed access. The response had HTTP status code 500.
This means your server is not sending back to the client the headers that allow CORS:
1.Access-Control-Allow-Origin 2.Access-Control-Allow-Methods
So we'll make a Laravel Middleware to fix this. (You could also add the proper headers at the Ngnix level).
Create new middleware:
php artisan make:middleware Cors
Then follow the file examples in this gist to make it happen.
See http://enable-cors.org/ for more information.
Laravel 系统自身携带的handlecors中间件仅处理同端口的跨域请求, 如果你使用spa 你猜这种方式是否会继续工作?哈哈