Add CORS support for buy now buttons

app/Http/Kernel.php

@@ -34,5 +34,6 @@ class Kernel extends HttpKernel
         'permissions.required' => 'App\Http\Middleware\PermissionsRequired',
         'guest' => 'App\Http\Middleware\RedirectIfAuthenticated',
         'api' => 'App\Http\Middleware\ApiCheck',
+        'cors' => '\App\Http\Middleware\Cors',
     ];
 }

app/Http/Middleware/Cors.php

@@ -0,0 +1,22 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+
+class Cors
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        return $next($request)
+            ->header('Access-Control-Allow-Origin', '*')
+            ->header('Access-Control-Allow-Methods', 'GET, POST');
+    }
+}

app/Http/routes.php

@@ -71,7 +71,10 @@ Route::post('signup/submit', 'AccountController@submitSignup');
 
 Route::get('/auth/{provider}', 'Auth\AuthController@authLogin');
 Route::get('/auth_unlink', 'Auth\AuthController@authUnlink');
+
+Route::group(['middleware' => 'cors'], function () {
     Route::match(['GET', 'POST'], '/buy_now/{gateway_type?}', 'OnlinePaymentController@handleBuyNow');
+});
 
 Route::post('/hook/email_bounced', 'AppController@emailBounced');
 Route::post('/hook/email_opened', 'AppController@emailOpened');