header('origin'); $header['Access-Control-Allow-Origin'] = '*'; $header['Access-Control-Allow-Methods'] = 'POST,GET,JSON,OPTIONS,DELETE'; $header['Access-Control-Allow-Headers'] = 'x-requested-with,content-type,SECRET-KEY,TOKEN,'. Config::get('cookie.promote_token_name','').','. Config::get('cookie.admin_token_name','').','. Config::get('cookie.system_token_name',''); if ($request->method(true) == 'OPTIONS') { $response = Response::create('ok')->code(200)->header($header); } else { $response = $next($request)->header($header); } return $response; } }