Files
finance_app/config/cors.php
henry yo 85972f950c feat: 前端分離+功能api化
1. 新增資產管理CRUD、googleOAuth登入
2. 更改原記帳controller
2026-06-25 14:19:07 +08:00

38 lines
1.4 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
<?php
return [
/*
|--------------------------------------------------------------------------
| Cross-Origin Resource Sharing (CORS) Configuration
|--------------------------------------------------------------------------
|
| Here you may configure your settings for cross-origin resource sharing
| or "CORS". This determines what cross-origin operations may execute
| in web browsers. You are free to adjust these settings as needed.
|
*/
// 🟢 修正 1確保包含你要戳的所有 API 路徑(包含上傳)
'paths' => ['api/*', 'sanctum/csrf-cookie', 'login', 'logout'],
// 🟢 修正 2允許前端傳入的 HTTP 方法GET, POST, PUT, DELETE 都要開)
'allowed_methods' => ['*'],
// 🟢 修正 3精準允許你的 Vue 前端開發網址(看你前端是在 5173 還是其他埠號)
// 你也可以直接寫 ['*'] 偷懶大開,但在本地端寫特定網址更安全:
'allowed_origins' => ['http://localhost:5173', 'http://127.0.0.1:5173'],
'allowed_origins_patterns' => [],
// 🟢 修正 4上傳 FormData 時會帶有 Content-Type 等 Header必須全開
'allowed_headers' => ['*'],
'exposed_headers' => [],
'max_age' => 0,
// 🟢 修正 5非常關鍵因為我們用了 Sanctum 驗證狀態,必須允許傳遞 Cookie/憑證
'supports_credentials' => true,
];