'*', 'Access-Control-Allow-Methods' => 'GET,POST,PUT,PATCH,DELETE,OPTIONS', 'Access-Control-Allow-Headers' => 'Authorization, Content-Type, Accept, Accept-Language, X-Client-Id, X-Requested-With', 'Access-Control-Max-Age' => '86400', ]; if (strtoupper($request->method()) === 'OPTIONS') { return response('', 204)->header($header); } return $next($request)->header($header); } }