<?php

namespace App\Http\Middleware\Bside;

use Closure;

class EnableCrossRequestMiddleware
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        // 指定允许其他域名访问
        $http_origin = "*";
        if(isset($_SERVER['HTTP_ORIGIN'])){
            $http_origin = $_SERVER['HTTP_ORIGIN'];
        }
        header("Access-Control-Allow-Origin:".$http_origin);
        header('Access-Control-Allow-Methods:POST,GET'); //支持的http 动作
        header('Access-Control-Allow-Credentials: true');
        header('Access-Control-Max-Age: 1000');
        header('Access-Control-Allow-Headers:Origin, X-Requested-With, Content-Type, Accept, Authorization, token');  //响应头 请按照自己需求添加。
        if (strtolower($_SERVER['REQUEST_METHOD']) == 'options') {
            exit;
        }
        return $next($request);
    }
}