Enable Cors in .Htaccess

enable cors in .htaccess

Since I had everything being forwarded to index.php anyway I thought I would try setting the headers in PHP instead of the .htaccess file and it worked! YAY! Here's what I added to index.php for anyone else having this problem.

// Allow from any origin
if (isset($_SERVER['HTTP_ORIGIN'])) {
    // should do a check here to match $_SERVER['HTTP_ORIGIN'] to a
    // whitelist of safe domains
    header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
    header('Access-Control-Allow-Credentials: true');
    header('Access-Control-Max-Age: 86400');    // cache for 1 day
}
// Access-Control headers are received during OPTIONS requests
if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {

    if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']))
        header("Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS");         

    if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']))
        header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");

}

credit goes to slashingweapon for his answer on this question

Because I'm using Slim I added this route so that OPTIONS requests get a HTTP 200 response

// return HTTP 200 for HTTP OPTIONS requests
$app->map('/:x+', function($x) {
    http_response_code(200);
})->via('OPTIONS');

htaccess Access-Control-Allow-Origin

Try this in the .htaccess of the external root folder :

<IfModule mod_headers.c>
    Header set Access-Control-Allow-Origin "*"
</IfModule>

And if it only concerns .js scripts you should wrap the above code inside this:

<FilesMatch "\.(js)$">
...
</FilesMatch>

htaccess for CORS in javascript

@user4035 answered this in another thread

Try loading headers_module inside Apache config

How to enable 'Access-Control-Allow-Origin' header for all files in a directory of XAMPP?

Create a file called ".htaccess" in the directory of your files and add the following to the file.

Header set Access-Control-Allow-Origin "http://localhost:50000/"

Access-Control-Allow-Origin htaccess file not working

Try with:

Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Headers "Content-Type"
Header set Access-Control-Allow-Methods "GET"

Related Topics

Save PHP Array to MySQL

Utility of Http Header "Content-Type: Application/Force-Download" For Mobile

Laravel Eloquent Select All Rows With Max Created_At

Does MySQL_Real_Escape_String() Fully Protect Against SQL Injection

PHP - Upload Utf-8 Filename

Warning: Cannot Modify Header Information - Headers Already Sent by Error

How to Hide/Encode/Encrypt PHP Source Code and Let Others Have the System

Characters Allowed in PHP Array Keys

How to Extract a Node Attribute from Xml Using PHP'S Dom Parser

Execute Raw SQL Using Doctrine 2

How to Set Upload_Max_Filesize in .Htaccess

Regex For Names

Curl_Exec() Always Returns False

Add 'Watermark' to Images With PHP

Post a File String Using Curl in PHP

Send Post Request Using Volley and Receive in PHP

Connect to a MySQL Server Over Ssh in PHP

Doing Calculations in MySQL VS PHP


Leave a reply



Submit