Laravel CORS - 对预检请求的响应未通过访问控制检查：没有“Access-Control-Allow-Origin” header 出现在请求中

Question

I am trying to integrate Laravel socialite to my project, i am coming across the following error

Access to XMLHttpRequest at 'https://github.com/login/oauth/authorize?client_id=6b87b76a942a90caec24&redirect_uri=http%3A%2F%2Flocalhost%3A8000%2Fgithub%2Fcallback&scope=user%3Aemail&response_type=code&state=ZLzrBzsFH6YVKpat3yZ5a2G6vLd0wWedFRwFRXoc' (redirected from 'http://localhost:8000/github') from origin 'http://localhost:8000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

The issue is when i press sign in with github button i get the above error

Error Picture

cors.php file

   'allowed_methods' => ['*'],

   'allowed_origins' => ['http://localhost:8000'],

   'allowed_origins_patterns' => [],

   'allowed_headers' => ['*'],

   'exposed_headers' => [],

   'max_age' => 0,

   'supports_credentials' => false, 

am using the Fruitcake/laravel-cors package

protected $middleware = [
        \Fruitcake\Cors\HandleCors::class,
    ];

Where am i going wrong?

Answer 1

Access to XMLHttpRequest at 'https://github.com/...' (redirected from 'http://localhost:8000/github')... blocked by CORS policy

You are not Github.

The code running on your Laravel application is not running on github.com.

You cannot grant permission to your JavaScript to read data that Github is sending to the user's browser.

---

In broader terms, you've gone very wrong somewhere in your attempt to implement OAuth. You are making an Ajax request where you need to make a request that navigates the browser to Github for the user to interact with their login UI.