How do I use Access-Control-Allow-Origin? Does it just go in between the html head tags?

by

There are 3 ways to allow cross domain origin (excluding jsonp):

  1. Set the header in the page directly using a templating language like PHP. Keep in mind there can be no HTML before your header or it will fail.

  2. Modify the server configuration file (apache.conf) and add this line. Note that "*" represents allow all. Some systems might also need the credential set. In general allow all access is a security risk and should be avoided:

    Header set Access-Control-Allow-Origin “*”
    Header set Access-Control-Allow-Credentials true

  3. To allow multiple domains on Apache web servers add the following to your config file

    SetEnvIf Origin “http(s)?://(www\.)?(example.org|example.com)$” AccessControlAllowOrigin=$0$1
    Header add Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
    Header set Access-Control-Allow-Credentials true

  4. For development use only hack your browser and allow unlimited CORS using the Chrome Allow-Control-Allow-Origin extension

  5. Disable CORS in Chrome: Quit Chrome completely. Open a terminal and execute the following. Just be cautious you are disabling web security:

    open -a Google\ Chrome –args –disable-web-security –user-data-dir

More Related Contents:

  1. What are the integrity and crossorigin attributes?
  2. Browser Canvas CORS Support for Cross Domain Loaded Image Manipulation
  3. Cross Domain Form POSTing
  4. CORS not working php
  5. HTML5 download attribute not working when downloading from another server, even when Access-Control-Allow-Origin is set to all (*)
  6. HTML5 Canvas getImageData and Same Origin Policy
  7. File Url Cross Domain Issue in Chrome- Unexpected
  8. Purpose of the crossorigin attribute…?
  9. Can Cross-Origin Resource Sharing headers authorize X-Domain IFRAME access?
  10. Why are my HTML class attributes collapsed inline?
  11. Is there a vr (vertical rule) in html?
  12. How do I horizontally center an absolute positioned element inside a 100% width div? [duplicate]
  13. download webpage and dependencies, including css images [closed]
  14. How to get rid of x and up/down arrow elements of a input date?
  15. IE7 CSS Scrolling Div Bug
  16. Is it possible to hide the title from a link with CSS?
  17. Image placeholder fallback for HTML5 Video
  18. Does JSON-LD have to be embedded?
  19. How put percentage width into html canvas (no css)
  20. HTML CSS Invisible Button
  21. Zoom changes the design layout
  22. Clear Canvas Rect (but keep background)
  23. CSS After Element to insert mailto link?
  24. Is there a way to get the parent URL from an Iframe’s content?
  25. Poor anti-aliasing of text drawn on Canvas
  26. HTML Form File Uploads doesn’t upload file
  27. Can you have a within a ?
  28. Which browsers support data URIs and since which version?
  29. HTML5 Canvas – Fill circle with image
  30. Does svg xmlns attribute value requires protocol? Can it be https or relative?

Leave a Comment