Codeigniter CORS policy: No 'Access-Control-Allow-Origin' error How to resolve?
Try allowing GET & OPTIONS
<?php
header('Access-Control-Allow-Origin: *');
header("Access-Control-Allow-Methods: GET, OPTIONS");
If the above doesn't work, try allowing access to font resources via .htaccess
(for apache) or in nginx server block - add these lines:
# Apache config
<FilesMatch ".(eot|ttf|otf|woff)">
Header set Access-Control-Allow-Origin "*"
</FilesMatch>
or
# nginx config
if ($filename ~* ^.*?\.(eot)|(ttf)|(woff)$){
add_header Access-Control-Allow-Origin *;
}
error Access-Control-Allow-Origin header on codeigniter
In the controller, set Access-Control-Allow-Origin at the top of your php script to the expected value of the origin header, the domain your ajax calls from:
header('Access-Control-Allow-Origin: abc');
Or if you never use credentials and don't care where the request comes from, just use a wildcard:
header('Access-Control-Allow-Origin: *');
update 2015-07-13 12:34 +0000
Disclaimer
I think I failed to properly consider that this was done under codeigniter and it now seems to me this answer is pretty poor.
enabling cors in codeigniter ( restserver by @chriskacerguis )
Try adding OPTIONS
to the allowed methods.
header("Access-Control-Allow-Methods: GET, OPTIONS");
header("Access-Control-Allow-Headers: Content-Type, Content-Length, Accept-Encoding");
and return immediately when the request is method 'OPTIONS' once you have set the headers.
if ( "OPTIONS" === $_SERVER['REQUEST_METHOD'] ) {
die();
}
See also this answer.
Angular sends a W3C CORS spec compliant preflight request that will check for the right allowed methods before actually attempting it.
Personally, I find the Mozilla Developer Network CORS page a bit easier to read on the matter to help understand the flow of CORS.
No 'Access-Control-Allow-Origin' error in HMVC Codeigniter
For Cross-Origin Resource in Codeignitor you have to include this line in controller right after start of <?php
tag
header('Access-Control-Allow-Origin: *');
CORS issue in codeigniter 4: Response to preflight request doesn't pass access control check
Please try by setting Apache response headers and redirect method to .htaccess
in root of www/public
directory, like this:
#Redirect for CORS Preflight request
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ $1 [R=200,L]
#Set headers to access CORS Requests / allowing localhost only
Header always add Access-Control-Allow-Origin "*"
Header always add Access-Control-Allow-Headers "origin, x-requested-with, content-type"
Header always add Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS"
NOTE: Be careful by adding Header always add Access-Control-Allow-Origin "*"
to your .htaccess
, "*"
open doors for attackers, replace *
with your domain or subdumain!
How to enable or Allow Access-Control-Allow-Origin for JQuery and Codeigniter 4
Whenever, there is a cross-origin issue, there are two routes that are hit. Lets say in your example, you have GET request to "http://api.domain.te/requests/verify", So before hitting your server with GET request it will hit same url with OPTIONS request. This verifies whether your server allows the API for the Cross Origin Request.
So In CI4 routes you have to define same URL or include a wild card to enable your cross origin request.
Here, the following example is for wild card request.
$routes->options('(:any)', 'Controller/options');
Here this route matches any routes with OPTIONS method and a single method called Options is there to handle it.
This options method can be defined as follows :
public function options($any)
{
return $this->response->setHeader('Access-Control-Allow-Origin', '*') //for allow any domain, insecure
->setHeader('Access-Control-Allow-Headers', '*') //for allow any headers, insecure
->setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, DELETE') //method allowed
->setStatusCode(200); //status code
}
What this method essentially does is lets the browser know that request are allowed for Cross-Origin, with status Methods such as GET, POST, PUT and DELETE.
After browser hits this request, it will be directed to your request which should also have cross origin enabled as follow:
$this->response->setContentType('application/json')->setJSON($response)->send()->setHeader('Access-Control-Allow-Origin', '*');
Reference : https://carminemilieni.it/2019/09/19/resolve-cors-and-corb-in-codeigniter-4/
Related Topics
How to Resolve a Http 414 "Request Uri Too Long" Error
How to Get the MAC and the Ip Address of a Connected Client in PHP
How to Fetch Record of Many Ids on Single Query
How to Prevent Mails Sent Through PHP Mail() from Going to Spam
Fatal Error: Call to Undefined Function Mysqli_Connect()
Laravel Ajax Response Return HTML Elements
Open Modal from Another Page Laravel
Telegram Botapi, Send Message to Multiple Chat_Id
How to Convert Ereg Expressions to Preg in PHP
How to Echo Selected Value of Dropdown in PHP
How to Delete Multiple Redis Keys With the Same Pattern in PHP Using Phpredis
Php Fatal Error: Uncaught Pdoexception: Could Not Find Driver
Increase a Value Like = +1 in MySQL and PHP
On a Function That Gets Settings from a Db I Ran into the Error