Access-Control-Allow-Origin (CORS)

CORS (resource sharing between different sources) is browser technology that allows a web page to access resources from another domain.

To enable CORS in Apache2, you must first activate the headers module, in Ubuntu Server, you can do this with the command:

sudo a2enmod headers

Then you need to enable the configuration for a specific site in the VirtualHost section or in the .htaccess file by adding the following line:

Header set Access-Control-Allow-Origin "*"

You can check for example on this site:
https://www.webconfs.com/http-header-check.php

If HAProxy is used on the server, then you also need to make the settings, add one line at the end of the frontend section:

capture request header origin len 128

And the second at the end of the backend section:

http-response set-header Access-Control-Allow-Origin %[capture.req.hdr(0)]

Done.

Leave a comment

Leave a Reply