Set CORS header to Allow Access for any Incoming Domain

The following may be used to set to always set the CORS header for any incoming domains without using the wildcard and for setting headers particularly for the incoming domain name. This header set allows passing of the cookie and is quite open, modify it for your needs:

 

 SetEnvIf Origin ".*$" acaorigin=$0
 Header always set Access-Control-Allow-Origin %{acaorigin}e env=acaorigin
 Header always set Access-Control-Allow-Credentials true
 Header always set Access-Control-Allow-Headers: "DNT, X-CustomHeader, Keep-Alive, User-Agent, If-Modified-Since, Cache-Control, C$, Authorization, Origin, X-Requested-With, Content-Type, Accept"
 Header always set Access-Control-Allow-Methods: "PUT, GET, POST, OPTIONS, PATCH"
 Header always set Access-Control-Expose-Headers: "Content-Security-Policy, Location, Cache-Control, Content-Language, Content-Encoding, Content-Type, Expires, Last-Modified, Pragma"
 Header always set Access-Control-Max-Age "600" 
 Header merge Vary Origin

 

 

  • 4 Users Found This Useful

Was this answer helpful?

Related Articles

How do I remove a web disk?

In Windows, go to My Network Places on your PC, find the connection, right click and delete....

Enable Mod Rewrite

Create an .htaccess file with the following contents and upload it to your public_html directory....

Mounting Samba Share in Linux for Startup

The following may be used to mount a samba share via your /etc/fstab file for bootup on...

Password Protect Directories

Within control panel select Password Protection. Select the directory you would like to protect....

I can not get the transfer authorization email can it be forwarded to a different email address?

The authorization has to be authorized by the registered contact for the domain. We cannot change...