Access-Control-Allow-Origin Multiple Origin Domains?

前端 未结 30 2102
隐瞒了意图╮
隐瞒了意图╮ 2020-11-21 07:08

Is there a way to allow multiple cross-domains using the Access-Control-Allow-Origin header?

I\'m aware of the *, but it is too open. I rea

30条回答
  •  终归单人心
    2020-11-21 07:18

    If you try so many code examples like me to make it work using CORS, it is worth to mention that you have to clear your cache first to try if it actually works, similiar to issues like when old images are still present, even if it's deleted on the server (because it is still saved in your cache).

    For example CTRL + SHIFT + DEL in Google Chrome to delete your cache.

    This helped me using this code after trying many pure .htaccess solutions and this seemed the only one working (at least for me):

        Header add Access-Control-Allow-Origin "http://google.com"
        Header add Access-Control-Allow-Headers "authorization, origin, user-token, x-requested-with, content-type"
        Header add Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS"
    
        
            
                SetEnvIf Origin "http(s)?://(www\.)?(google.com|staging.google.com|development.google.com|otherdomain.com|dev02.otherdomain.net)$" AccessControlAllowOrigin=$0
                Header add Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
            
        
    

    Also note that it is widely spread that many solutions say you have to type Header set ... but it is Header add .... Hope this helps someone having the same troubles for some hours now like me.

提交回复
热议问题