clarkk

Reputation: 27669

Access-Control-Allow-Origin not allowed

Why do I get this error when the URL is already in the Access-Control-Allow-Origin header!?

error

XMLHttpRequest cannot load http://cdn.localhost/data/voucher/16_ead32751b66fd6c7856b7db0e186574df37a7d08.pdf. Origin http://secure.localhost is not allowed by Access-Control-Allow-Origin.
Refused to get unsafe header "Accept-Ranges"

htaccess (cdn.localhost)

Header add Access-Control-Allow-Origin "http://secure.localhost"

Upvotes: 1

Views: 2762

Answers (2)

covener

Reputation: 17872

The spec for Access-Control-Allow-Origin talks about a space-separated URL syntax. Perhaps the 2nd occurrence of the header overwrites the first in the client -- try the multi-value version in a single header.

Upvotes: 0

Prasanth

Reputation: 5258

Also try sending the following headers from this post:

// Specify domains from which requests are allowed
header('Access-Control-Allow-Origin: *');

// Specify which request methods are allowed
header('Access-Control-Allow-Methods: GET, POST, OPTIONS');

// Additional headers which may be sent along with the CORS request
// The X-Requested-With header allows jQuery requests to go through
header('Access-Control-Allow-Headers: X-Requested-With');

// Set the age to 1 day to improve speed/caching.
header('Access-Control-Max-Age: 86400');

Upvotes: 2
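
Added example, not part of either answer or of the asker's configuration: the CORS check that browsers apply under the Fetch standard, reduced to the Access-Control-Allow-Origin and credentials rules and run over constructed header sets. The function names and `http://other.localhost` are assumptions made for illustration.

```javascript
// CORS check from the Fetch standard, reduced to the parts this question touches.
// headers: array of [name, value] pairs as sent on the wire (constructed samples below).
function getCombined(headers, name) {
  const values = headers
    .filter(([n]) => n.toLowerCase() === name.toLowerCase())
    .map(([, v]) => v.trim());
  // Repeated headers are joined with ", " before the comparison.
  return values.length ? values.join(", ") : null;
}

function corsCheck(requestOrigin, headers, withCredentials = false) {
  const allowOrigin = getCombined(headers, "Access-Control-Allow-Origin");
  if (allowOrigin === null) return { ok: false, reason: "header missing" };
  if (!withCredentials && allowOrigin === "*") return { ok: true, reason: "wildcard" };
  if (allowOrigin !== requestOrigin) {
    return { ok: false, reason: `"${allowOrigin}" is not exactly "${requestOrigin}"` };
  }
  if (!withCredentials) return { ok: true, reason: "exact match" };
  const allowCreds = getCombined(headers, "Access-Control-Allow-Credentials");
  return allowCreds === "true"
    ? { ok: true, reason: "exact match with credentials" }
    : { ok: false, reason: "credentials not allowed" };
}

const ORIGIN = "http://secure.localhost"; // origin from the question
const ACAO = "Access-Control-Allow-Origin";
const cases = {
  single: [[ACAO, ORIGIN]],
  // Constructed: the same header emitted twice, e.g. by two configuration layers.
  duplicated: [[ACAO, ORIGIN], [ACAO, ORIGIN]],
  // Constructed: several origins in one value; http://other.localhost is hypothetical.
  list: [[ACAO, `${ORIGIN} http://other.localhost`]],
  wildcard: [[ACAO, "*"]],
};

function runCases() {
  const out = {};
  for (const [name, headers] of Object.entries(cases)) {
    out[name] = corsCheck(ORIGIN, headers).ok;
  }
  out.wildcardWithCredentials = corsCheck(ORIGIN, cases.wildcard, true).ok;
  return out;
}

console.log(runCases());
```

A server that has to serve several origins can compare the request's Origin against an allowlist and echo back only the matching value, together with `Vary: Origin`.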
