fruitcake/Laravel-cors 如何正确使用呢

发下配置

<?php

return [

/*
|--------------------------------------------------------------------------
| Laravel CORS Options
|--------------------------------------------------------------------------
|
| The allowed_methods and allowed_headers options are case-insensitive.
|
| You don't need to provide both allowed_origins and allowed_origins_patterns.
| If one of the strings passed matches, it is considered a valid origin.
|
| If array('*') is provided to allowed_methods, allowed_origins or allowed_headers
| all methods / origins / headers are allowed.
|
*/

/*
 * You can enable CORS for 1 or multiple paths.
 * Example: ['api/*']
 */
'paths' => ['api/*'],

/*
* Matches the request method. `[*]` allows all methods.
*/
'allowed_methods' => ['*'],

/*
 * Matches the request origin. `[*]` allows all origins. Wildcards can be used, eg `*.mydomain.com`
 */
'allowed_origins' => ['*'],

/*
 * Patterns that can be used with `preg_match` to match the origin.
 */
'allowed_origins_patterns' => [],

/*
 * Sets the Access-Control-Allow-Headers response header. `[*]` allows all headers.
 */
'allowed_headers' => ['*'],

/*
 * Sets the Access-Control-Expose-Headers response header with these headers.
 */
'exposed_headers' => [],

/*
 * Sets the Access-Control-Max-Age response header when > 0.
 */
'max_age' => 0,

/*
 * Sets the Access-Control-Allow-Credentials header.
 */
'supports_credentials' => false,

];

确保不要有 exit,die,dd 之类。

'supports_credentials' => false

改为 true

HandleCors::class,要放到全局中间键的第一个

/**
     * The application's global HTTP middleware stack.
     *
     * These middleware are run during every request to your application.
     *
     * @var array
     */
    protected $middleware = [
        HandleCors::class,
        \App\Http\Middleware\TrustProxies::class,
        \App\Http\Middleware\CheckForMaintenanceMode::class,
        \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
        \App\Http\Middleware\TrimStrings::class, 
        \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
    ];

config文件中

/*
     * Sets the Access-Control-Allow-Credentials header.
     */
    'supports_credentials' => true,

遇到了同样的问题