Cloudflare blocking CORS from origin server

HI I am using an Nginx stack with PHP 7.2 running laravel API and angular frontend in my application I have set CORS to only the frontend domain and when I test this locally it works but when I test this on a remote server that is proxied through Cloudflare the post method doesn’t return the CORS headers, I have looked through the documentation but dont understand how to set the CORS headers correctly can anyone point me to some clearer documentation or explain how I can set the CORS headers with Cloudflare, thanks

Cloudflare should not block the CORS headers from your origin.
You can find more details on Cloudflare and the CORS headers here:


I can confirm that setting CORS headers on POST requests works fine for me with Nginx + PHP-FPM 7.4–Cloudflare doesn’t interfere.

Remember, you also need to send appropriate headers in response to the preflight request, which is HEAD, not POST. That’s how the browser determines whether it’s safe to subsequently send a POST request.

This topic was automatically closed after 14 days. New replies are no longer allowed.