Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
Set subdomain Allow Origin on Apache and return 200 OK on OPTONS preflight request for ajax use without jsonp
SetEnvIf Origin ^(https?://.+\.yourdomain\.com(?::\d{1,5})?)$ CORS_ALLOW_ORIGIN=$1
Header always set Access-Control-Allow-Origin %{CORS_ALLOW_ORIGIN}e env=CORS_ALLOW_ORIGIN
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header always set Access-Control-Max-Age "1000"
Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token"
Header merge Vary "Origin"
RewriteEngine On
RewriteRule ^(.*)$ $1 [R=200,L]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment