withHeaders([ 'Origin' => 'https://rabbigerzi.com', 'Access-Control-Request-Method' => 'POST', 'Access-Control-Request-Headers' => 'content-type', ])->options('/api/login'); $response->assertNoContent(); $response->assertHeader( 'Access-Control-Allow-Origin', 'https://rabbigerzi.com' ); $response->assertHeader('Access-Control-Allow-Credentials', 'true'); } }