About
This article shows you how to enable CORS for an Apache Web Server
Steps
To configure cors on a Apache server, you may do it:
- in a htaccess file
- or via the mod_headers module.
htaccess
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header always set Access-Control-Max-Age "1000"
Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token"
mod_headers
- in the Apache configuration file with the mod_headers module enabled.
<!-- for directory -->
<Directory "/path/to/dir">
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"
</IfModule>
</Directory>
<!-- for specific file -->
<FilesMatch "\.(ttf|otf|eot|woff)$">
<IfModule mod_headers.c>
Header Set Access-Control-Allow-Origin "*"
</IfModule>
</FilesMatch>
<!-- Mutliple Domain -->
<FilesMatch "\.(ttf|otf|eot|woff)$">
<IfModule mod_headers.c>
SetEnvIf Origin "http(s)?://(www\.)?(google.com|staging.google.com|development.google.com)$" AccessControlAllowOrigin=$0
Header add Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
</IfModule>
</FilesMatch>