CORS Failing for post request

Question

I have this piece of Vue.js:

...
this.$http.post('http://localhost:8000/oauth/token', postData)
  .then(response => {
    console.log(response)
})
this.$http.get('http://localhost:8000/api/test')
  .then(response => {
    console.log(response)
})
...

The last get request works fine, but the post doesn't go through due to

XMLHttpRequest cannot load http://localhost:8000/oauth/token. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin ...

My Cors.php Middleware:

...
public function handle($request, Closure $next)
{
    return $next($request)
        ->header('Access-Control-Allow-Origin', '*')
        ->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');
}
...

Kernel.php:

...

    'api' => [
        'throttle:60,1',
        'bindings',
        \App\Http\Middleware\Cors::class,
    ],
...

I've done php artisan route:list I noticed that the route ...oauth/token has the middleware throttle, it is the only one by default ... I'm following https://laravel.com/docs/5.3/passport#installation

Both (client/server) are running on localhost

Try to register the middleware into the web middleware group instead of the api one — Hammerbot, Jan 05 '17 at 13:00
@El_Matella, then the two requests fail. I did a `php artisan route:list` and that route only middleware is `throttle` — Miguel, Jan 05 '17 at 13:02
If i registered on `protected $middleware` the problem in the question remains — Miguel, Jan 05 '17 at 13:05
Does it work if you add: `header('Access-Control-Allow-Headers', 'Origin, Content-Type, X-Auth-Token');` — craig_h, Jan 05 '17 at 13:15
Problem remains :/ , Doens't make any sense ... Why just for post?! @craig_h — Miguel, Jan 05 '17 at 13:17
Does this post help at all: http://stackoverflow.com/questions/38005829/cors-post-request-fails — craig_h, Jan 05 '17 at 13:34
Do you need CORS because you're developing front end with a server run by node.js? If so, you can try configuring it proxy the back end to avoid CORS. — JJPandari, Jan 08 '17 at 03:25

score 0 · Answer 1 · answered Jan 05 '17 at 14:07

0

Assuming you are using vue-resource try debugging your call in the Network tab from devtools.

If no CORS headers are present in Request Header tab put this line somewhere after the Vue.use(VueResource) : Vue.http.options.crossOrigin = true

answered Jan 05 '17 at 14:07

sotaan

125
9

CORS Failing for post request

1 Answers1