Skip to main content
Home
badllama.com
  • Search
  • Log In

cors

CORS

bchavet's picture

Thu, 11/30/2017 - 10:16 by bchavet

An API generally doesn't want to restrict a request's origin. However, some things don't work well with Access-Control-Allow-Origin: *. So, the way around that is to just mirror back the Origin that a client sends. This apache config sets Access-Control-Allow-* headers when it receives an Origin header from a client, and mirrors the requested Origin back in the Access-Control-Allow-Origin header.

Tags: 
apache
cors
  • Read more about CORS
Powered by Backdrop CMS