Response to CORS preflight OPTIONS request is 500 Internal Server Error in Laravel API

Question

I am working on a Laravel and Angular project. Project is running well in another Computer but I am getting below error in my Laptop.

I used this package. I tried several ways but could not find any solution.

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource

My .htaccess file is like below

<IfModule mod_rewrite.c>
    <IfModule mod_negotiation.c>
        Options -MultiViews -Indexes
    </IfModule>

    RewriteEngine On

    # Handle Authorization Header
    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

    # Redirect Trailing Slashes If Not A Folder...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_URI} (.+)/$
    RewriteRule ^ %1 [L,R=301]

    # Handle Front Controller...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^ index.php [L]
</IfModule>

Could anyone help me in this regard ?

The problem you need to solve is, the server you’re sending the request to is responding to OPTIONS requests with a 500 Internal Server Error. So you don’t have a CORS problem. Instead you have a 500 Internal Server Error problem. The only reason your browser is reporting a CORS error is, that 500 error doesn’t have the Access-Control-Allow-Origin response header. A 500 error will pretty much never that header. Look through the server logs on the server side to see what messages the server is logging about whatever internal server problem is causing the server to send that 500 response. — sideshowbarker, Jun 13 '19 at 12:18
Thanks @sideshowbarker. How can I check server log when I am working in localhost ? — abu abu, Jun 13 '19 at 12:28
Thanks @sideshowbarker. What is the meaning of OPTIONS requests with a 500 Internal Server Error ? Am I hitting wrong URL ? — abu abu, Jun 13 '19 at 12:29
@sideshowbarker I wish I could upvote your answer. I spent half a day not understanding why I was getting this error and (of course) nothing I did in the cors settings helped. Thanks to you I finally found the actual error — CSquare, Apr 29 '20 at 07:46
@CSquare Glad it helped you. The situation you ran into is unfortunately one that many other people also regularly run into. The fact that browsers don’t include the HTTP status code in the CORS error message — and don’t otherwise make the the HTTP status code very discoverable — causes a lot of developers to end up wasting a lot of time. I wish I could say I knew that browsers would be making some improvements around this… but I can’t. In fact, Chrome has made some changes that’re gonna make things even worse for developers; see https://stackoverflow.com/q/57410051/441757 :( — sideshowbarker, Apr 29 '20 at 07:58
@sideshowbarker I'll keep it in mind to check the status code and also that the error I get isn't always what's actually wrong. Can't tell you how ecstatic I am to finally understand where that error was coming from. So grateful. Ah that sounds bad... why would they do that/ not think of that? Are there browser extensions you could recommend meanwhile? — CSquare, Apr 29 '20 at 08:21

score 2 · Answer 1 · answered Jun 13 '19 at 10:05

2

You are only allowed to set the Access-Control-Allow-Origin header once.

It seems this header is also set somewhere else than in the laravel-cors package configuration. For example in your .htaccess file, in your server configuration or (less likely since you get the exception only in one environment) in some other middleware you have created manually.

answered Jun 13 '19 at 10:05

piscator

8,028
5
23
32

1

Thanks @piscator. I edited my question with `.htaccess` file. Thanks. – abu abu Jun 13 '19 at 10:21

Response to CORS preflight OPTIONS request is 500 Internal Server Error in Laravel API

1 Answers1