Laravel Vite Cors Error

Laravel Vite CORS Error

When using Laravel with Vite, you may encounter CORS (Cross-Origin Resource Sharing) errors. CORS is a security mechanism implemented in web browsers to prevent requests from different origins (i.e., domains) from accessing resources on a server. These errors can occur when your Laravel APIs are accessed from a different domain than the one the API is hosted on.

How to Fix CORS Error in Laravel Vite

There are a few steps you can take to fix the CORS error in Laravel Vite:

  1. Install the CORS package in your Laravel project by running the following command in your terminal:
  2. composer require fruitcake/laravel-cors
  3. After installing the package, open the app/Http/Kernel.php file and add the following middleware to the $middleware array:
  4. 'Cors' => \Fruitcake\Cors\HandleCors::class,
  5. Next, publish the configuration file for the CORS package by running the following command in your terminal:
  6. php artisan vendor:publish --provider="Fruitcake\Cors\CorsServiceProvider"
  7. This command will generate a new file called cors.php in the config directory of your Laravel project. Open this file and configure the CORS options according to your requirements. For example:
  8. return [
        'paths' => ['api/*'],
        'allowed_methods' => ['*'],
        'allowed_origins' => ['*'],
        'allowed_origins_patterns' => [],
        'allowed_headers' => ['*'],
        'exposed_headers' => [],
        'max_age' => 0,
        'supports_credentials' => false,
  9. Save the cors.php file and try accessing your Laravel APIs from your Vite app again. The CORS error should now be resolved.

Explanation with Examples

Let’s say you have a Laravel API at and your Vite app is hosted on When you try to make a request from your Vite app to the Laravel API, the browser may block the request due to CORS restrictions. To fix this, you need to configure CORS options in your Laravel project as mentioned above.

In the cors.php configuration file, the 'paths' option specifies which paths should be allowed for cross-origin requests. In this example, we have specified ['api/*'] to allow requests to any path starting with /api/. You can modify this according to your API routes.

The 'allowed_methods' option specifies which HTTP methods are allowed for CORS requests. Using ['*'] allows all methods, but you can specify specific methods like ['GET', 'POST'] if required.

The 'allowed_origins' option allows specific origins from which requests are allowed. Using ['*'] allows requests from any origin. You can specify specific origins like [''] if required.

Similarly, the 'allowed_headers' option allows specific headers in CORS requests. Using ['*'] allows all headers, but you can specify specific headers like ['Content-Type', 'Authorization'] if required.

Make sure to save the cors.php file after making the necessary changes. Now, when you make API requests from your Vite app to your Laravel API, the CORS error should not occur.

Read more interesting post

Leave a comment