Homestead: Add CORS to apache

Created on 19 Jul 2017 · 4Comments · Source: laravel/homestead

i'm not sure if i can request it here, but since every developer working with laravel + homestead are building apis or whatever, would be good set the apache header:
Header set Access-Control-Allow-Origin "*"
as explained here: https://enable-cors.org/server_apache.html
this will be a time saver for us

Source

leandroruel

Most helpful comment

Hi, This is the right place to bring up such an issue.

if there's enough demand I'm all for it. Anyone who would like to see this can feel free to chime in.

At the moment this can be done via the after.sh script (Which is executed after your apache host is setup and configured)

svpernova09 on 19 Jul 2017

👍7 🚀1

All 4 comments

Hi, This is the right place to bring up such an issue.

if there's enough demand I'm all for it. Anyone who would like to see this can feel free to chime in.

At the moment this can be done via the after.sh script (Which is executed after your apache host is setup and configured)

svpernova09 on 19 Jul 2017

👍7 🚀1

iaK on 8 Sep 2017

CaddyDz on 23 Sep 2018

Any news about this? I'm trying to make this work with Nginx but it's really hard when everybody is saying that If is Evil inside the location block.

#
# Wide-open CORS config for nginx
#
location / {
     if ($request_method = 'OPTIONS') {
        add_header 'Access-Control-Allow-Origin' '*';
        #
        # Om nom nom cookies
        #
        add_header 'Access-Control-Allow-Credentials' 'true';
        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
        #
        # Custom headers and headers various browsers *should* be OK with but aren't
        #
        add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
        #
        # Tell client that this pre-flight info is valid for 20 days
        #
        add_header 'Access-Control-Max-Age' 1728000;
        add_header 'Content-Type' 'text/plain charset=UTF-8';
        add_header 'Content-Length' 0;
        return 204;
     }
     if ($request_method = 'POST') {
        add_header 'Access-Control-Allow-Origin' '*';
        add_header 'Access-Control-Allow-Credentials' 'true';
        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
        add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
     }
     if ($request_method = 'GET') {
        add_header 'Access-Control-Allow-Origin' '*';
        add_header 'Access-Control-Allow-Credentials' 'true';
        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
        add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
     }
}