Get the latest Laravel/PHP jobs, events and curated articles straight to your inbox, once a week
Source: dunglas.dev
Preventing CORS Preflight Requests Using Content Negotiation
In modern web applications, it’s a common pattern to serve the web API and the frontend app from different subdomains: https://api.example.com: your web API, usually serving JSON documents https://example.com: your web application, usually built in JavaScript, generating HTML documents from the raw JSON data retrieved from the API When serving your API from a different https://developer.mozilla.org/en-US/docs/Glossary/Origin than the frontend application, browsers will automatically send an additional OPTIONS request before any request is made to the API.
These preflight requests ensure that the frontend app is allowed to interact with the resources served by the API. As https://nickolinger.com/blog/2021-08-04-you-dont-need-that-cors-request/, these preflight requests add unnecessary latency, slow down applications, waste battery on mobile devices, and increase servers load.
The solution to prevent these preflight requests is simple: serve the API and the frontend application from the same origin!
These preflight requests ensure that the frontend app is allowed to interact with the resources served by the API. As https://nickolinger.com/blog/2021-08-04-you-dont-need-that-cors-request/, these preflight requests add unnecessary latency, slow down applications, waste battery on mobile devices, and increase servers load.
The solution to prevent these preflight requests is simple: serve the API and the frontend application from the same origin!
Newsletter
Glimpse
Glimpse streamlines Laravel development by seamlessly deploying GitHub pull requests to preview environments with the help of Laravel Forge.
Community Partners
Laravel/PHP Careers