Home Arrow Icon Knowledge base Arrow Icon Global Arrow Icon How can I implement a custom CORS middleware in Laravel 11


How can I implement a custom CORS middleware in Laravel 11


To implement a custom CORS middleware in Laravel 11, follow these steps:

1. Create the Middleware

Generate a new middleware using the Artisan command:

bash
php artisan make:middleware CustomCors

This will create a `CustomCors.php` file in the `app/Http/Middleware` directory.

2. Configure the Middleware

Open the `CustomCors.php` file and modify the `handle` method:

php
public function handle($request, Closure $next)
{
    $response = $next($request);

    $response->headers->set('Access-Control-Allow-Origin', '*');
    $response->headers->set('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');
    $response->headers->set('Access-Control-Allow-Headers', 'Content-Type, Authorization');

    return $response;
}

In this example, we're setting the following CORS headers:

- `Access-Control-Allow-Origin`: Allows requests from any origin (`*`).
- `Access-Control-Allow-Methods`: Allows GET, POST, PUT, DELETE, and OPTIONS HTTP methods.
- `Access-Control-Allow-Headers`: Allows the `Content-Type` and `Authorization` headers.

You can customize these settings based on your application's requirements.

3. Register the Middleware

Open the `app/Http/Kernel.php` file and add the custom middleware to the global middleware stack:

php
protected $middleware = [
    // ...
    \App\Http\Middleware\CustomCors::class,
];

This will apply the CORS middleware to all incoming requests.

4. Customize CORS Configuration

If needed, you can further customize the CORS configuration by creating a `cors.php` file in the `config` directory:

bash
php artisan config:publish cors

This will create a `cors.php` file where you can define additional CORS settings, such as allowed origins, methods, and headers.

5. Test the CORS Middleware

After implementing the custom CORS middleware, test your application by making requests from different origins. Ensure that the appropriate CORS headers are being sent in the responses.

By following these steps, you have successfully implemented a custom CORS middleware in your Laravel 11 application. This approach allows you to have more control over the CORS configuration and apply it globally to all incoming requests.

Remember to adjust the CORS settings based on your specific requirements and security considerations.

Citations:
[1] https://www.iterrorsolution.com/post/laravel-11-cors-middleware-configuration-example-tutorial.html
[2] https://www.stackhawk.com/blog/laravel-cors/
[3] https://laravel.com/docs/11.x/sanctum
[4] https://stackoverflow.com/questions/78533267/laravel-11-cors-issue
[5] https://github.com/fruitcake/laravel-cors