Laravel

How to set x-frame options header in Laravel 8

Photo of Shaiv Roy Shaiv Roy Follow on Twitter Send an email January 25, 2021Last Updated: January 25, 2021
0 404 1 minute read
cross-origin-header-option-in-laravel

In this article I will guide you how we can set x-frame options header in Larvel 8, basically this error when trying to open something in our iframe,then in the console it shows error x-frame option ‘X-Frame-Options’ to ‘sameorigin’.

You can set the header in your Laravel application by creating a middleware, To set the header we will follow the below steps.

  • Create a middleware
  • Write the middlware code
  • Register it in Kernel.php

Step : 1 Create a middleware

Run the below command to create middleware in Laravel.

php artisan make:middleware FrameHeadersMiddleware

The above command will create middleware inside app/Http/Middleware named as FrameHeadersMiddleware.php

Step – 2: Write the middleware code

Now open FrameHeadersMiddleware.php and write the below code.

<?php

namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;

class FrameHeadersMiddleware 
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle(Request $request, Closure $next)
    {
        $response = $next($request);
        $response->header('X-Frame-Options', 'ALLOW FROM YOUR-URL');
        return $response;
    }
}

Step : 3 Add it in Kernel.php

Now go to app/Http/Kernel.php and it under your protected middleware array.

/**
     * The application's global HTTP middleware stack.
     *
     * These middleware are run during every request to your application.
     *
     * @var array
     */
    protected $middleware = [
        // \App\Http\Middleware\TrustHosts::class,
        \App\Http\Middleware\TrustProxies::class,
        \Fruitcake\Cors\HandleCors::class,
        \App\Http\Middleware\PreventRequestsDuringMaintenance::class,
        \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
        \App\Http\Middleware\TrimStrings::class,
        \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
        \App\Http\Middleware\HeaderHandler::class,
        \App\Http\Middleware\FrameHeadersMiddleware::class, // frameHeaderMiddleware

    ];

Read Also: How to use usort in Laravel

I hope you like this blog and if your issue still not resolved feel free to comment.

Photo of Shaiv Roy Shaiv Roy Follow on Twitter Send an email January 25, 2021Last Updated: January 25, 2021
0 404 1 minute read
Photo of Shaiv Roy

Shaiv Roy

Hy Myself shaiv roy, I am a passionate blogger and love to share ideas among people, I am having good experience with laravel, vue js, react, flutter and doing website and app development work from last 7 years.

Related Articles

web push notification laravel 8

Firebase web push notification in Laravel 8

August 21, 2021
Laravel Unique visitor counter

Laravel Unique Visitor Counter

November 24, 2021
Contracting out software development work to India can offer several benefits:

Benefits of contracting out software development work to India

November 2, 2023
laravel tips and tricks

Laravel Tips and Tricks 2022

October 26, 2021

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button