config/cors.php

<?php

return [

    /*
    |--------------------------------------------------------------------------
    | Laravel CORS Options
    |--------------------------------------------------------------------------
    |
    | The allowed_methods and allowed_headers options are case-insensitive.
    |
    | You don't need to provide both allowed_origins and allowed_origins_patterns.
    | If one of the strings passed matches, it is considered a valid origin.
    |
    | If array('*') is provided to allowed_methods, allowed_origins or allowed_headers
    | all methods / origins / headers are allowed.
    |
    */

    /*
     * You can enable CORS for 1 or multiple paths.
     * Example: ['api/*']
     */
    'paths' => [],

    /*
    * Matches the request method. `[*]` allows all methods.
    */
    'allowed_methods' => ['*'],

    /*
     * Matches the request origin. `[*]` allows all origins. Wildcards can be used, eg `*.mydomain.com`
     */
    'allowed_origins' => [],

    /*
     * Patterns that can be used with `preg_match` to match the origin.
     */
    'allowed_origins_patterns' => [],

    /*
     * Sets the Access-Control-Allow-Headers response header. `[*]` allows all headers.
     */
    'allowed_headers' => ['*'],

    /*
     * Sets the Access-Control-Expose-Headers response header with these headers.
     */
    'exposed_headers' => [],

    /*
     * Sets the Access-Control-Max-Age response header when > 0.
     */
    'max_age' => 0,

    /*
     * Sets the Access-Control-Allow-Credentials header.
     */
    'supports_credentials' => false,
];
Move API routing to Laravel (#10457 ) 2019-07-29 16:32:37 -05:00			`<?php`

			`return [`

			`/*`
CORS settings in webui (#11912 ) 2020-07-08 07:36:51 -05:00			`\|--------------------------------------------------------------------------`
			`\| Laravel CORS Options`
			`\|--------------------------------------------------------------------------`
			`\|`
			`\| The allowed_methods and allowed_headers options are case-insensitive.`
			`\|`
			`\| You don't need to provide both allowed_origins and allowed_origins_patterns.`
			`\| If one of the strings passed matches, it is considered a valid origin.`
			`\|`
			`\| If array('*') is provided to allowed_methods, allowed_origins or allowed_headers`
			`\| all methods / origins / headers are allowed.`
			`\|`
			`*/`

			`/*`
			`* You can enable CORS for 1 or multiple paths.`
			`* Example: ['api/*']`
			`*/`
			`'paths' => [],`

			`/*`
			* Matches the request method. `[*]` allows all methods.
			`*/`
			`'allowed_methods' => ['*'],`

			`/*`
			* Matches the request origin. `[]` allows all origins. Wildcards can be used, eg `.mydomain.com`
			`*/`
			`'allowed_origins' => [],`

			`/*`
			* Patterns that can be used with `preg_match` to match the origin.
			`*/`
			`'allowed_origins_patterns' => [],`

			`/*`
			* Sets the Access-Control-Allow-Headers response header. `[*]` allows all headers.
			`*/`
			`'allowed_headers' => ['*'],`

			`/*`
			`* Sets the Access-Control-Expose-Headers response header with these headers.`
			`*/`
			`'exposed_headers' => [],`

			`/*`
			`* Sets the Access-Control-Max-Age response header when > 0.`
Move API routing to Laravel (#10457 ) 2019-07-29 16:32:37 -05:00			`*/`
CORS settings in webui (#11912 ) 2020-07-08 07:36:51 -05:00			`'max_age' => 0,`
Move API routing to Laravel (#10457 ) 2019-07-29 16:32:37 -05:00
			`/*`
CORS settings in webui (#11912 ) 2020-07-08 07:36:51 -05:00			`* Sets the Access-Control-Allow-Credentials header.`
Move API routing to Laravel (#10457 ) 2019-07-29 16:32:37 -05:00			`*/`
CORS settings in webui (#11912 ) 2020-07-08 07:36:51 -05:00			`'supports_credentials' => false,`
Move API routing to Laravel (#10457 ) 2019-07-29 16:32:37 -05:00			`];`