Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

handle multiple domains with Access-Control-Allow-Origin header in Apache

Tags:

http

cors

cross-domain

apache

.htaccess

I want to configure apache for cross-domain access header. I have tried multiple combination as suggested on number of threads on the forum. But its not working for me.

The ways, I have tried:

1) Specify domain on different line as below with Header set : 

Header set Access-Control-Allow-Origin "example1.com" Header set Access-Control-Allow-Origin "example2.com" Header set Access-Control-Allow-Origin: "example3.com"

With this setup its picking only last one and ignore rest of all.

2) Specify domain on different line as below with Header add : 

Header add Access-Control-Allow-Origin "example1.com" Header add Access-Control-Allow-Origin "example2.com" Header add Access-Control-Allow-Origin: "example3.com"

With this its showing all three domains in header, but fonts are not getting picked up on Firefox.

3.) Tried Using SetEnvIf, but again its not working : 

SetEnvIf Origin "http(s)?://(www\.)?(mydomain.com|mydomain2.com)$" AccessControlAllowOrigin=$0$1 Header add Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin

Finally working with "*", but I don't want to use this.

Please help with this.

like image 810
Kuldeep Avatar asked Dec 19 '13 05:12

Kuldeep

People also ask

Can you have multiple Access-Control allow Origin headers?

You can only have 1 host/domain in the Access-Control-Allow-Origin header in the response sent by IHS. If you want to be able to have a list of domains that you want to allow you need check the Origin header sent in the request and use some variables.

How do you add multiple domains in Access-Control allow origin?

Sounds like the recommended way to do it is to have your server read the Origin header from the client, compare that to the list of domains you would like to allow, and if it matches, echo the value of the Origin header back to the client as the Access-Control-Allow-Origin header in the response.

1 Answers

For 3 domains, in your .htaccess:

<IfModule mod_headers.c>     SetEnvIf Origin "http(s)?://(www\.)?(domain1.org|domain2.com|domain3.net)$" AccessControlAllowOrigin=$0$1     Header add Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin     Header set Access-Control-Allow-Credentials true </IfModule>

I've tried this and it works for me. Let me know if it doesn't for you.

like image 104
George Avatar answered Sep 28 '22 01:09

George
Sign in to Comment

Related questions

What is the correct mime-type for serving an iPhone .ipa file?
proxy_ajp:error (70007)The timeout specified has expired:
Apache Localhost 403 Forbidden with macOS Sierra [closed]
Is there a program to view live HTTP requests under the Apache server?
Slow cronjobs on Cent OS 5
How to use the setEnv variable in apache?
Tomcat 7 - where do I set 'system properties'?
.htaccess File Options -Indexes on Subdirectories
Apache - Invalid command 'SSLMutex'
Apache: Invalid command 'SSLEngine', perhaps misspelled or defined by a module not included in the server configuration
htaccess redirect index.php to root (including subdomains)
CordovaResourceApi import unresolved phonegap
Plack::App::CGIBin via Apache and mod_fastcgi - CGI script not found
ImportError: No module named django.core.handlers.wsgi in install django mod_wsgi config on apache
How can I pre-compress files with mod_deflate in Apache 2.x?
How to add comment in apache httpd.conf not as a complete line?
Leverage browser caching for 3rd party JS
Could not reliably determine the server's fully qualified domain name ... How to solve it in Docker?
JS and CSS files in vagrant not properly encoded when saved outside of the VM
Redirecting command output to a variable in bash fails

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!