Merge remote-tracking branch 'origin/master'

app/Http/Kernel.php

@@ -23,6 +23,7 @@ class Kernel extends HttpKernel
         \App\Http\Middleware\TrimStrings::class,
         \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
         \App\Http\Middleware\TrustProxies::class,
+        \App\Http\Middleware\EnableCrossRequestMiddleware::class,
     ];
 
     /**

app/Http/Middleware/EnableCrossRequestMiddleware.php

@@ -16,7 +16,7 @@ class EnableCrossRequestMiddleware
     public function handle($request, Closure $next){
         $response = $next($request);
         $response->header('Access-Control-Allow-Origin', '*');
-        $response->header('Access-Control-Allow-Headers', 'Origin, Content-Type, Cookie, Accept, X-CSRF-TOKEN');
+        $response->header('Access-Control-Allow-Headers', '*');
         $response->header('Access-Control-Allow-Methods', 'GET, POST, PATCH, PUT, OPTIONS');
         $response->header('Access-Control-Allow-Credentials', 'true');