Skip to main content

Setting Access-Control-Allow-Origin in .htaccess

·72 words
icysamon
Author
icysamon
Electronics & Creator
Table of Contents

Add the following content to the .htaccess file on the resource server (such as a CDN).

# CORS
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "[https://example.com](https://example.com)"
</IfModule>

https://example.com is the origin requesting the resources.

For example, if example.com is requesting resources from cdn.example.com, you must configure the .htaccess file mentioned above on the cdn.example.com side.

Multiple Domains
#

<IfModule mod_headers.c>
    SetEnvIf Origin "http(s)?://(www\.)?(domain1.com|domain2.com|domain3.com)$" AccessControlAllowOrigin=$0$1
    Header add Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
    Header set Access-Control-Allow-Credentials true
</IfModule>