-
-
Save rajagopalx/aff5bd7ffaa14739777059d64a738db6 to your computer and use it in GitHub Desktop.
global enable CORS without touching code
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# with AJAX withCredentials=false (cookies NOT sent) | |
Header always set Access-Control-Allow-Origin "*" | |
Header always set Access-Control-Allow-Methods "POST, GET, PUT, OPTIONS, PATCH, DELETE" | |
Header always set Access-Control-Allow-Headers "X-Accept-Charset,X-Accept,Content-Type" | |
RewriteEngine On | |
RewriteCond %{REQUEST_METHOD} OPTIONS | |
RewriteRule ^(.*)$ $1 [R=200,L,E=HTTP_ORIGIN:%{HTTP:ORIGIN}]] | |
# with AJAX withCredentials=true (cookies sent, SSL allowed...) | |
SetEnvIfNoCase ORIGIN (.*) ORIGIN=$1 | |
Header always set Access-Control-Allow-Methods "POST, GET, PUT, OPTIONS, PATCH, DELETE" | |
Header always set Access-Control-Allow-Origin "%{ORIGIN}" | |
Header always set Access-Control-Allow-Credentials "true" | |
Header always set Access-Control-Allow-Headers "X-Accept-Charset,X-Accept,Content-Type" | |
RewriteEngine On | |
RewriteCond %{REQUEST_METHOD} OPTIONS | |
RewriteRule ^(.*)$ $1 [R=200,L,E=HTTP_ORIGIN:%{HTTP:ORIGIN}] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment