How to use middleware to implement cross-domain resource sharing (CORS) in Laravel
Overview:
Cross-domain resource sharing (CORS) is a A browser mechanism that allows web applications to share resources under different domain names. Laravel, a popular PHP framework, provides a convenient way to handle CORS by using middleware to handle cross-domain requests.
This article will introduce you to how to use middleware to implement CORS in Laravel, including how to configure middleware, set allowed domain names and request methods, and provide specific code examples.
Step 1: Create CORS middleware
First, we need to create a middleware to handle CORS. Use the following command in the terminal to generate a new middleware file:
php artisan make:middleware CorsMiddleware
This command will be in the app/Http/Middleware
directory Generate a file named CorsMiddleware.php
.
Open the CorsMiddleware.php
file and modify the handle
method as follows:
public function handle($request, Closure $next) { $response = $next($request); $response->header('Access-Control-Allow-Origin', '*'); $response->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS'); $response->header('Access-Control-Allow-Headers', 'Content-Type, Authorization'); return $response; }
In this middleware, we set three response headers, They are: Access-Control-Allow-Origin
, Access-Control-Allow-Methods
and Access-Control-Allow-Headers
. Access-Control-Allow-Origin
Allows cross-domain access from all sources, and you can also set specific domain names as needed. Access-Control-Allow-Methods
Define the allowed request methods. Here we set the common GET, POST, PUT, DELETE and OPTIONS. Access-Control-Allow-Headers
The allowed request headers include Content-Type and Authorization.
Step 2: Register CORS middleware
Open the app/Http/Kernel.php
file, find the $middleware
array, and add it to the array Add the following line of code:
protected $middleware = [ // ... AppHttpMiddlewareCorsMiddleware::class, ];
The above code will add the CorsMiddleware
middleware to the global middleware stack so that it can be applied to every request.
Step 3: Use CORS middleware
In order to verify whether our CORS middleware is valid, we can use it in an API route. In the routes/api.php
file, add a GET route and use CorsMiddleware
middleware for this route:
Route::get('/test', function () { return response()->json(['message' => 'Hello World']); })->middleware('cors');
This route will return a message containing "Hello World" message's JSON response.
Step 4: Verify CORS settings
Now we can use any client that supports cross-domain access, such as a browser or REST client for verification. In the browser's development tools, we can see the response header information.
For example, on the Chrome browser, open the developer tools, switch to the "Network" tab, and then access the route /api/test
we defined in step three. In the response headers, we should see Access-Control-Allow-Origin
, Access-Control-Allow-Methods
, and Access-Control-Allow-Headers
setting.
If everything is fine, you should be able to send HTTP requests from different domain names and get responses successfully.
Conclusion:
By using middleware, the Laravel framework provides a simple way to achieve cross-domain resource sharing. This article details how to create CORS middleware, register middleware, and use middleware to handle cross-domain requests. Hope this article can help you implement CORS in Laravel and provides enough code examples for your reference.
The above is the detailed content of How to use middleware to implement cross-origin resource sharing (CORS) in Laravel. For more information, please follow other related articles on the PHP Chinese website!