CORS Access-Control-Allow-Origin cache issue

Question

It is a problem about multi-domain access the same server file in chrome.

=========

server: apache (supports CORS)

file url: www.a.com/a.file

multi-domain: b.com,c.com …

=========

situation: (in chrome)

1. b.com access a.file : success .

   and then c.com access a.file : fail

2. b.com access a.file : success .

   and then clean cache of chrome,

   and c.com access a.file : success

3. b.com access a.file with http : success .

   and then b.com access a.file with https : fail (like 1)

4. b.com access a.file with http : success .

   and then clean cache of chrome,

   and b.com access a.file with https : fail (like 2)

In situation 1,here is the request header. and I notice that the request will access file from cache , and both Access-Control-Allow-Origin are http://www.b.com. maybe it is the key of this problem. But I have no idea…

b.com

Request URL:www.a.com/a.file
Request Method:GET
Status Code:200 OK (from cache) <-here

Response Headers
Accept-Ranges:bytes
Access-Control-Allow-Methods:GET, POST
Access-Control-Allow-Origin:http://www.b.com <--(here! the same as situation 2)
Content-Length:115
Content-Type:text/plain
Date:Wed, 04 Nov 2015 10:21:29 GMT
Last-Modified:Tue, 28 Jul 2015 01:41:20 GMT
Server:Apache

c.com

Request URL:www.a.com/a.file
Request Method:GET
Status Code:200 OK (from cache) <-here

Response Headers
Accept-Ranges:bytes
Access-Control-Allow-Methods:GET, POST
Access-Control-Allow-Origin:http://www.b.com <--(here! it is "http://www.a.com" in situation 2)
Content-Length:115
Content-Type:text/plain
Date:Wed, 04 Nov 2015 10:21:29 GMT
Last-Modified:Tue, 28 Jul 2015 01:41:40 GMT
Server:Apache

Answer 1

Problem solved.

Just need to add Header append Vary Origin to httpd.conf in Apache.

here is the detail.