['api/*', 'sanctum/csrf-cookie'], 'allowed_methods' => ['*'], 'allowed_origins' => ['*'], /** 直连 API（未走代理）时兼容本地任意端口 */ 'allowed_origins_patterns' => [ '#^http://localhost(:\d+)?$#', '#^http://127\.0\.0\.1(:\d+)?$#', ], 'allowed_headers' => ['*'], 'exposed_headers' => [], 'max_age' => 0, 'supports_credentials' => false, ];