CORS error - Only with 404 http code | Laravel | Page 1

modest cliff Aug 22, 2023, 2:36 PM

#

Good morning,
I have a CORS issue. The response header "access-control-allow-origin" gets lost only when the response is a 404 error, solely in that case. I'm using Laravel 8 with Fruitcake\Cors\HandleCors.
What can be the problem?

silk mortar Aug 22, 2023, 3:47 PM

#

Are you sure the 404 is sent by Laravel, and not by a reverse proxy like nginx?

lofty fog Aug 22, 2023, 4:48 PM

#

I think this could happen if you have a route with route model binding, the SubstituteBindings middleware probably runs before cors (I'm not actually sure what the default is, and certainly not for Laravel 8, been quite a while). If that's the case you'd want to up the priority of the CORS middleware if you're expecting multiple error states

modest cliff Aug 22, 2023, 8:56 PM

#

@silk mortar I found the laravel logs related to the endpoint, so i don't believe that.

@lofty fog That can be, I will control the priorities and and i will come back with what i find

modest cliff Aug 24, 2023, 12:43 PM

#

@lofty fog
I define the $middlewarePriority and moved the middelware \Fruitcake\Cors\HandleCors::class to the first place in $middleware , same with $middlewarePriority

I keep getting the same result

silk mortar Aug 24, 2023, 12:46 PM

#

How is this 404 triggered? You mentioned laravel logs, what do those say?

#

If all looks good in Laravel, it feels like there may be an intermediate proxy that is perhaps removing the headers?

#CORS error - Only with 404 http code