formatting

D3Z1R3 · Dec 27, 2019 · 0bec06c · 0bec06c
1 parent c222f6d
commit 0bec06c
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 43 deletions.
diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php
@@ -15,7 +15,7 @@ class Kernel extends HttpKernel
      */
     protected $middleware = [
         \App\Http\Middleware\TrustProxies::class,
-        \App\Http\Middleware\HandleCors::class,
+        \Fruitcake\Cors\HandleCors::class,
         \App\Http\Middleware\CheckForMaintenanceMode::class,
         \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
         \App\Http\Middleware\TrimStrings::class,

diff --git a/app/Http/Middleware/HandleCors.php b/app/Http/Middleware/HandleCors.php
diff --git a/config/cors.php b/config/cors.php
@@ -4,57 +4,31 @@
 
     /*
     |--------------------------------------------------------------------------
-    | Laravel CORS Options
+    | Cross-Origin Resource Sharing (CORS) Configuration
     |--------------------------------------------------------------------------
     |
-    | The allowed_methods and allowed_headers options are case-insensitive.
+    | Here you may configure your settings for cross-origin resource sharing
+    | or "CORS". This determines what cross-origin operations may execute
+    | in web browsers. You are free to adjust these settings as needed.
     |
-    | You don't need to provide both allowed_origins and allowed_origins_patterns.
-    | If one of the strings passed matches, it is considered a valid origin.
-    |
-    | If array('*') is provided to allowed_methods, allowed_origins or allowed_headers
-    | all methods / origins / headers are allowed.
+    | To learn more: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
     |
     */
 
-    /*
-     * You can enable CORS for 1 or multiple paths.
-     * Example: ['api/*']
-     */
-    'paths' => [],
+    'paths' => ['api/*'],
 
-    /*
-    * Matches the request method. `[*]` allows all methods.
-    */
     'allowed_methods' => ['*'],
 
-    /*
-     * Matches the request origin. `[*]` allows all origins.
-     */
     'allowed_origins' => ['*'],
 
-    /*
-     * Matches the request origin with, similar to `Request::is()`
-     */
     'allowed_origins_patterns' => [],
 
-    /*
-     * Sets the Access-Control-Allow-Headers response header. `[*]` allows all headers.
-     */
     'allowed_headers' => ['*'],
 
-    /*
-     * Sets the Access-Control-Expose-Headers response header.
-     */
     'exposed_headers' => false,
 
-    /*
-     * Sets the Access-Control-Max-Age response header.
-     */
     'max_age' => false,
 
-    /*
-     * Sets the Access-Control-Allow-Credentials header.
-     */
     'supports_credentials' => false,
+
 ];