Changeset View
Changeset View
Standalone View
Standalone View
src/app/Http/Middleware/Cors.php
- This file was added.
<?php | |||||
namespace App\Http\Middleware; | |||||
use Closure; | |||||
class Cors | |||||
{ | |||||
/** | |||||
* Handle an incoming request. | |||||
* | |||||
* @param \Illuminate\Http\Request $request | |||||
* @param \Closure $next | |||||
* | |||||
* @return mixed | |||||
*/ | |||||
public function handle($request, Closure $next) | |||||
{ | |||||
// TODO: Now we allow all, but we should be allowing only meet.domain.tld | |||||
return $next($request) | |||||
->header('Access-Control-Allow-Origin', '*') | |||||
->header( | |||||
'Access-Control-Allow-Methods', | |||||
'GET, POST, PUT, DELETE, OPTIONS' | |||||
) | |||||
->header( | |||||
'Access-Control-Allow-Headers', | |||||
'X-Requested-With, Content-Type, X-Token-Auth, Authorization' | |||||
); | |||||
} | |||||
} |