Is there a way to allow multiple cross-domains using the Access-Control-Allow-Origin header?
Access-Control-Allow-Origin
I\'m aware of the *, but it is too open. I rea
*
PHP code example for matching subdomains.
if( preg_match("/http:\/\/(.*?)\.yourdomain.example/", $_SERVER['HTTP_ORIGIN'], $matches )) { $theMatch = $matches[0]; header('Access-Control-Allow-Origin: ' . $theMatch); }