From 8e8ab652882ee5552e0a51f60a2ea162fbddfcd6 Mon Sep 17 00:00:00 2001
From: hskwon <shine1324@gmail.com>
Date: Mon, 24 Nov 2025 12:43:06 +0900
Subject: [PATCH] =?UTF-8?q?fix:=20CORS=20preflight=20=EC=9D=91=EB=8B=B5?=
 =?UTF-8?q?=EC=97=90=20x-api-key=20=ED=97=A4=EB=8D=94=20=ED=97=88=EC=9A=A9?=
 =?UTF-8?q?=20=EC=B6=94=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- exposed_headers에 x-api-key, Authorization 추가
- max_age를 86400초(24시간)로 설정하여 preflight 캐싱 활성화
- React 프론트엔드에서 API 호출 시 CORS 에러 해결
---
 config/cors.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/config/cors.php b/config/cors.php
index 3432a11..3282b26 100644
--- a/config/cors.php
+++ b/config/cors.php
@@ -6,7 +6,7 @@
     'allowed_origins' => ['*'], // 모든 도메인 허용 (보안 주의)
     'allowed_origins_patterns' => [],
     'allowed_headers' => ['*'], // 모든 헤더 허용
-    'exposed_headers' => [],
-    'max_age' => 0,
+    'exposed_headers' => ['x-api-key', 'Authorization'], // 커스텀 헤더 명시
+    'max_age' => 86400, // Preflight 캐싱 (24시간)
     'supports_credentials' => false,
 ];