Product support

Visit this product's website for support.


  • Developer Tools
  • Security
  • Utility

This plugin is based on https://github.com/barryvdh/laravel-cors. All configuration for the plugin can be done via the backend settings.

The following CORS headers are supported:

  • Access-Control-Allow-Origin
  • Access-Control-Allow-Headers
  • Access-Control-Allow-Methods
  • Access-Control-Allow-Credentials
  • Access-Control-Expose-Headers
  • Access-Control-Max-Age

Currently these headers are sent for every request. There is no per-route configuration possible at this time.


After installing the plugin visit the CORS settings page in your October CMS backend settings.

You can add * as an entry to Allowed origins, Allowed headers and Allowed methods to allow any kind of CORS request from everywhere.

It is advised to be more explicit about these settings. You can add values for each header via the repeater fields.

It is important to set these initial settings once for the plugin to work as expected!


Fixed backend settings label (thanks to LukeTowers)

Feb 14, 2017


Initial release.

Dec 23, 2016