Header ('Access-Control-Allow-Origin: *'); Do not allow CORS request

Question

Header ('Access-Control-Allow-Origin: *'); Do not allow CORS request

I have a PHP file that creates a JSON document.

I set the header as follows, but still getting an error.

 header('Access-Control-Allow-Origin: *'); header('Content-Type: application/json');

Error message:

No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://mysubdomain.mydomain.com' is therefore not allowed access.

I tried explicitly allowing mysubdomain.mydomain.com to use

 header('Access-Control-Allow-Origin: https://mysubdomain.mydomain.com');

But I still get the error.

+7

php cors

Luke Nov 25 '13 at 10:27

source share

2 answers

This situation may occur if an error occurs on the requested page. In this case, the error page sets headers that probably don't have an Access-Control-Allow-Origin header.

0

Inpassor Jun 16 '16 at 9:58

source share

Munim · Accepted Answer · 2013-11-26T05:22:42+0000

It does not look like something is wrong with the code that sets the header, but you can check if the header is actually set. Use curl -i http://yourapp to check if response headers are sent to debug it. Alternatively, you can use the network tab in the Google Chrome Web Inspector or the Network tool in Firefox web developer tools.

Header ('Access-Control-Allow-Origin: *'); Do not allow CORS request

More articles: