I have a PHP file which generates a JSON document.
I've set the header
as follows but am still getting an error.
header('Access-Control-Allow-Origin: *');
header('Content-Type: application/json');
Error message:
No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://mysubdomain.mydomain.com' is therefore not allowed access.
I've tried explictly allowing mysubdomain.mydomain.com using
header('Access-Control-Allow-Origin: https://mysubdomain.mydomain.com');
But I still get the error.
It doesn't look there is anything wrong with the code that sets the header, but you may want to check if the header is actually being set. Use curl -i http://yourapp
to check the response headers being sent to debug it. Alternatively, you can use the network tab in Google Chrome's web inspector, or the Network tool in Firefox's Web Developer tools.
Such a situation may arise when an error occurs on the requested page. In this case the error page sets headers, that likely has no Access-Control-Allow-Origin header.
with htaccess file you can try to set :
Header always set Access-Control-Allow-Methods "POST, GET, PUT, OPTIONS, PATCH,DELETE"
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Credentials "true"
Header always set Access-Control-Allow-Headers "content-type,Authorization,Cache-Control,X-Requested-With, X-XSRF-TOKEN"
or can use for php as:
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE');
header('Access-Control-Allow-Credentials: true');
header('Access-Control-Allow-Headers: Authorization, Content-Type, x-xsrf-token, x_csrftoken, Cache-Control, X-Requested-With');
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.