php - requesting cloudinary resource gives CORS errors

Question

I have a laravel/lumen server managing uploads of my cloudinary resources. I'm also using the server as an API endpoint for my front end app. One of the endpoints returns a file from Cloudinary. I'm doing this by redirecting the request to the Cloudinary resource. However my app is failing because there are no CORS headers on the redirected resource.

return redirect()->to("https://res.cloudinary.com/gates/raw/upload/" . $upload->id);

the error i get is:

Redirect from 'https://{my-server.com}/api/v1/export' to 
'https://res.cloudinary.com/gates/raw/upload/{upload-id}' has been 
blocked by CORS policy: No 'Access-Control-Allow-Origin' header is 
present on the requested resource. Origin 'https://{my-frontend.com}' 
is therefore not allowed access.

Answer 1

You can use this library on your server: https://github.com/barryvdh/laravel-cors

return [
     /*
     |--------------------------------------------------------------------------
     | Laravel CORS
     |--------------------------------------------------------------------------
     |
     | allowedOrigins, allowedHeaders and allowedMethods can be set to array('*')
     | to accept any value.
     |
     */
    'supportsCredentials' => false,
    'allowedOrigins' => ['*'],
    'allowedHeaders' => ['Content-Type', 'X-Requested-With'],
    'allowedMethods' => ['*'], // ex: ['GET', 'POST', 'PUT',  'DELETE']
    'exposedHeaders' => [],
    'maxAge' => 0,
]


allowedOrigins => [*] mean that you give access to your server, you can add ip's or dns for restrict access to your server