I am creating React and Laravel website and below issue was shown in the console.
cors.php
<?php
return [
'paths' => ['api/*','login','register','admin/*','sanctum/csrf-cookie'],
'allowed_methods' => ['GET', 'PUT', 'POST', 'DELETE', 'OPTIONS'],
'allowed_origin' => ['http://localhost:3000'],
'allowed_origins_patterns' => [],
'allowed_headers' => [
'Content-Type',
'Authorization',
'Accept',
'Accept-Language',
'Content-Language',
'Origin',
'X-Requested-With',
'X-XSRF-TOKEN',
//'X-CSRF-TOKEN',
'Access-Control-Request-Methods',
'Access-Control-Request-Headers'
],
'exposed_headers' => [
// 'Access-Token',
// 'Uid',
'Authorization',
'X-CSRF-TOKEN'
],
'max_age' => 0,
'supports_credentials' => true,
];
What is the issue of my cors.php and what are valid and invalid headers which I put?
CodePudding user response:
have you confirmed the frontend origin is "http://localhost:3000" as you allowed in cors.php only this
CodePudding user response:
add allowed-origin to * in your code.