How can we help?

Help via Chat 24h from monday to friday

Managing cross-origin resource sharing (CORS)

Cross-origin resource sharing (CORS) is a mechanism that allows restricted resources on a web page to be requested from another domain outside the domain from which the first resource was served. A web page may freely embed cross-origin images, stylesheets, scripts, iframes, and videos. Certain "cross-domain" requests, notably Ajax requests, are forbidden by default by the same-origin security policy.

To enable CORS on your PHP website add the following lines of code to your ".htaccess" file:

<IfModule mod_headers.c>
  Header set Access-Control-Allow-Origin: http://yoursite.com
  Header set Access-Control-Allow-Credentials: true
</IfModule>

This file needs to be published in the website that holds the information to be served.

Change "yoursite.com" for the address of the website that is going to request the file from the server.