['api/*', 'sanctum/csrf-cookie', '*'], 'allowed_methods' => ['*'], 'allowed_origins' => explode(',', env('ALLOWED_ORIGINS', 'https://trustlab.dyzulk.com,https://api.trustlab.dyzulk.com,docs.trustlab.dyzulk.com,https://trustlab.pages.dev')), 'allowed_origins_patterns' => [ '#^https?://.*\.trustlab\.pages\.dev$#', '#^http://localhost:\d+$#', ], 'allowed_headers' => ['*'], 'exposed_headers' => [], 'max_age' => 0, 'supports_credentials' => true, ];