I get this output when client send a POST http request.
Access to XMLHttpRequest at 'http://127.0.0.1:8004/api/ciudadano/sinup' from origin 'http://localhost:3000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
POST http://127.0.0.1:8004/api/ciudadano/sinup net::ERR_FAILED 500
It looks like it a CORS policy problem.
I alredy create this middleware - Cors.php:
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
class Cors
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse) $next
* @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
*/
public function handle(Request $request, Closure $next)
{
$response = $next($request);
$response->header("Access-Control-Allow-Origin","*");
$response->header("Access-Control-Allow-Credentials","true");
$response->header("Access-Control-Max-Age","600"); // cache for 10 minutes
$response->header("Access-Control-Allow-Methods","POST, GET, OPTIONS, DELETE, PUT"); //Make sure you remove those you do not want to support
$response->header("Access-Control-Allow-Headers", "Content-Type, Accept, Authorization, X-Requested-With, Application");
return $response;
}
}
And I added this line \App\Http\Middleware\Cors::class in Kernel.php
<?php
namespace App\Http;
use Illuminate\Foundation\Http\Kernel as HttpKernel;
class Kernel extends HttpKernel
{
/**
* The application's global HTTP middleware stack.
*
* These middleware are run during every request to your application.
*
* @var array<int, class-string|string>
*/
protected $middleware = [
// \App\Http\Middleware\TrustHosts::class,
\App\Http\Middleware\Cors::class,
\Illuminate\Http\Middleware\HandleCors::class,
\App\Http\Middleware\TrustProxies::class,
\App\Http\Middleware\PreventRequestsDuringMaintenance::class,
\Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
\App\Http\Middleware\TrimStrings::class,
\Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
];
/**
* The application's route middleware groups.
*
* @var array<string, array<int, class-string|string>>
*/
protected $middlewareGroups = [
'web' => [
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\App\Http\Middleware\VerifyCsrfToken::class,
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
'api' => [
// \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class,
'throttle:api',
\Illuminate\Routing\Middleware\SubstituteBindings::class,
],
];
/**
* The application's route middleware.
*
* These middleware may be assigned to groups or used individually.
*
* @var array<string, class-string|string>
*/
protected $routeMiddleware = [
'auth' => \App\Http\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'auth.session' => \Illuminate\Session\Middleware\AuthenticateSession::class,
'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
'can' => \Illuminate\Auth\Middleware\Authorize::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class,
'signed' => \App\Http\Middleware\ValidateSignature::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
];
}
I also try fruitcake/laravel-cors package; installing it whit: composer require fruitcake/laravel-cors
and added this line in kernel.php \Fruitcake\Cors\HandleCors::class,
protected $middleware = [
\Fruitcake\Cors\HandleCors::class,
// ...
// ...
];
What's happening?
this is the routes, api.php:
Route::get ('/test', function (){
return ("Backend OK");
});
Route::post('/ciudadano/sinup', 'App\Http\Controllers\CiudadanoController@store');
the url with the get method http://127.0.0.1:8004/api/test is working fine!
and this is the controller:
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
class CiudadanoController extends Controller
{
/**
* Display a listing of the resource.
*
* @return \Illuminate\Http\Response
*/
public function index()
{
//
}
/**
* Store a newly created resource in storage.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
public function store(Request $request)
{
dd($request);
$this->validate($request, [
'cuil'=>'required',
'nombre'=>'required',
'apellido'=>'required',
'email'=>'required',
'password'=>'required',
]);
//debería corroborar el cuil con el nombre y el apellido con authenticar
$ciudadano = Ciudadano::create($request->all());
//acá debería devolver un token
dd($ciudadano);
$ciudadano->save();
return ("OK");
}
/**
* Display the specified resource.
*
* @param int $id
* @return \Illuminate\Http\Response
*/
public function show($id)
{
//
}
/**
* Update the specified resource in storage.
*
* @param \Illuminate\Http\Request $request
* @param int $id
* @return \Illuminate\Http\Response
*/
public function update(Request $request, $id)
{
//
}
/**
* Remove the specified resource from storage.
*
* @param int $id
* @return \Illuminate\Http\Response
*/
public function destroy($id)
{
//
}
}
CodePudding user response:
Laravel already has a cors.php config file built in. You need to configure your CORS logic in that file.
If you want to just allow everything, use an asterisk:
'paths' => ['*'],
CodePudding user response:
update the config to define the paths you want to run the CORS service on :
change paths array to 'paths' => ['*']