CORS header not being served by Apache if there's a 404

Question

I added the following to a vhost config in MAMP PRO:

Header set Access-Control-Allow-Origin "*"

(this is the only thing in the 'Additional parameters for ' box)

Which works great, if I inspect the headers from simply loading an image from the vhost's domain.

What doesn't work so great is if I try to access a URL that results in a (correct) 404.. the header is no longer set.

Is this normal? It doesn't seem normal. Why would Apache (or mamp) decide to ignore my 'Header set' directive just because there's a 404?

Request headers from loading an image:

Host: redacted.dev
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:35.0) Gecko/20100101 Firefox/35.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-GB,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

Response headers from loading an image:

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Content-Length: 18575
Content-Type: image/jpeg
Date: Wed, 18 Feb 2015 13:27:25 GMT
Etag: "81-488f-50f376cb56b40"
Keep-Alive: timeout=5, max=100
Last-Modified: Mon, 16 Feb 2015 16:53:25 GMT
Server: Apache

Request headers from trying to access something that isn't there:

Host: redacted.dev
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:35.0) Gecko/20100101 Firefox/35.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-GB,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

Response headers from trying to access something that isn't there:

Connection: Keep-Alive
Content-Length: 251
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 18 Feb 2015 13:28:50 GMT
Keep-Alive: timeout=5, max=100
Server: Apache

A bit lost on this one...

Answer 1

You need the "always" prefix...

Header always set Access-Control-Allow-Origin "*"