Mailing List Archive

How to enable CORS in Apache?
Hello,
I read "https://ubiq.co/tech-blog/set-access-control-allow-origin-cors-headers-apache/#:~:text=CORS%20in%20Apache-,To%20set%20Access%2DControl%2DAllow%2DOrigin%20header%20in%20Apache,VirtualHost%3E%20sections%20of%20your%20file.&text=The%20above%20line%20will%20allow,requests%20from%20all%20other%20domains." and I want to enable CORS in the Apache. I have a Virtual Host file under the "/etc/httpd/conf.d/" directory. I opened it and added below line to the "<VirtualHost *:80>...</VirtualHost>" section:

Header set Access-Control-Allow-Origin "My_Web_Site.com"

Is it enough?

Thank you.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: How to enable CORS in Apache? [ In reply to ]
On Sun, Sep 5, 2021 at 5:11 AM Jason Long <hack3rcon@yahoo.com.invalid> wrote:
>
> Hello,
> I read "https://ubiq.co/tech-blog/set-access-control-allow-origin-cors-headers-apache/#:~:text=CORS%20in%20Apache-,To%20set%20Access%2DControl%2DAllow%2DOrigin%20header%20in%20Apache,VirtualHost%3E%20sections%20of%20your%20file.&text=The%20above%20line%20will%20allow,requests%20from%20all%20other%20domains." and I want to enable CORS in the Apache. I have a Virtual Host file under the "/etc/httpd/conf.d/" directory. I opened it and added below line to the "<VirtualHost *:80>...</VirtualHost>" section:
>
> Header set Access-Control-Allow-Origin "My_Web_Site.com"
>
> Is it enough?

There's a good chance it results in the header being set, but this
takes about 30 seconds to verify and you're the only one who can do
it.

If there are really two domains involved here and you have an actual
CORS error/requirement, the odds of this being enough without any
testing/iteration are probably lower. For that you'll have to
understand CORS and use your browsers developer tools to check your
work as you go.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: How to enable CORS in Apache? [ In reply to ]
Thanks.
I found "https://www.test-cors.org/" to test the CORS. How about the values of the "Request Headers" and "Request Content" fields? Can you show me an example?





On Sunday, September 5, 2021, 05:02:15 PM GMT+4:30, Eric Covener <covener@gmail.com> wrote:





On Sun, Sep 5, 2021 at 5:11 AM Jason Long <hack3rcon@yahoo.com.invalid> wrote:
>
> Hello,
> I read "https://ubiq.co/tech-blog/set-access-control-allow-origin-cors-headers-apache/#:~:text=CORS%20in%20Apache-,To%20set%20Access%2DControl%2DAllow%2DOrigin%20header%20in%20Apache,VirtualHost%3E%20sections%20of%20your%20file.&text=The%20above%20line%20will%20allow,requests%20from%20all%20other%20domains." and I want to enable CORS in the Apache. I have a Virtual Host file under the "/etc/httpd/conf.d/" directory. I opened it and added below line to the "<VirtualHost *:80>...</VirtualHost>" section:
>
> Header set Access-Control-Allow-Origin "My_Web_Site.com"
>
> Is it enough?

There's a good chance it results in the header being set, but this
takes about 30 seconds to verify and you're the only one who can do

it.


If there are really two domains involved here and you have an actual
CORS error/requirement, the odds of this being enough without any
testing/iteration are probably lower. For that you'll have to
understand CORS and use your browsers developer tools to check your
work as you go.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: How to enable CORS in Apache? [ In reply to ]
On Sun, Sep 5, 2021 at 9:45 AM Jason Long <hack3rcon@yahoo.com.invalid> wrote:
>
> Thanks.
> I found "https://www.test-cors.org/" to test the CORS. How about the values of the "Request Headers" and "Request Content" fields? Can you show me an example?

Setting up CORS presupposes you have some API behind a URL on one
domain you want to expose to be called from another domain.
If the thing that processes that URL expects custom request headers or
a request body to do its job, type them out in the GUI.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: How to enable CORS in Apache? [ In reply to ]
Type the URL in the "Request Headers" and "Request Content" fields?






On Sunday, September 5, 2021, 06:52:50 PM GMT+4:30, Eric Covener <covener@gmail.com> wrote:





On Sun, Sep 5, 2021 at 9:45 AM Jason Long <hack3rcon@yahoo.com.invalid> wrote:
>
> Thanks.
> I found "https://www.test-cors.org/" to test the CORS. How about the values of the "Request Headers" and "Request Content" fields? Can you show me an example?

Setting up CORS presupposes you have some API behind a URL on one
domain you want to expose to be called from another domain.
If the thing that processes that URL expects custom request headers or
a request body to do its job, type them out in the GUI.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org