enable cors in .htaccess
Since I had everything being forwarded to index.php anyway I thought I would try setting the headers in PHP instead of the .htaccess file and it worked! YAY! Here's what I added to index.php for anyone else having this problem.
// Allow from any origin
if (isset($_SERVER['HTTP_ORIGIN'])) {
// should do a check here to match $_SERVER['HTTP_ORIGIN'] to a
// whitelist of safe domains
header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
header('Access-Control-Allow-Credentials: true');
header('Access-Control-Max-Age: 86400'); // cache for 1 day
}
// Access-Control headers are received during OPTIONS requests
if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']))
header("Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS");
if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']))
header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");
}
credit goes to slashingweapon for his answer on this question
Because I'm using Slim I added this route so that OPTIONS requests get a HTTP 200 response
// return HTTP 200 for HTTP OPTIONS requests
$app->map('/:x+', function($x) {
http_response_code(200);
})->via('OPTIONS');
htaccess Access-Control-Allow-Origin
Try this in the .htaccess of the external root folder :
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"
</IfModule>
And if it only concerns .js scripts you should wrap the above code inside this:
<FilesMatch "\.(js)$">
...
</FilesMatch>
htaccess for CORS in javascript
@user4035 answered this in another thread
Try loading headers_module inside Apache config
How to enable 'Access-Control-Allow-Origin' header for all files in a directory of XAMPP?
Create a file called ".htaccess" in the directory of your files and add the following to the file.
Header set Access-Control-Allow-Origin "http://localhost:50000/"
Access-Control-Allow-Origin htaccess file not working
Try with:
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Headers "Content-Type"
Header set Access-Control-Allow-Methods "GET"
Related Topics
Utility of Http Header "Content-Type: Application/Force-Download" For Mobile
Laravel Eloquent Select All Rows With Max Created_At
Does MySQL_Real_Escape_String() Fully Protect Against SQL Injection
Warning: Cannot Modify Header Information - Headers Already Sent by Error
How to Hide/Encode/Encrypt PHP Source Code and Let Others Have the System
Characters Allowed in PHP Array Keys
How to Extract a Node Attribute from Xml Using PHP'S Dom Parser
Execute Raw SQL Using Doctrine 2
How to Set Upload_Max_Filesize in .Htaccess
Curl_Exec() Always Returns False
Add 'Watermark' to Images With PHP
Post a File String Using Curl in PHP
Send Post Request Using Volley and Receive in PHP