I have a PHP file which generates a JSON document.
I’ve set the
header as follows but am still getting an error.
header('Access-Control-Allow-Origin: *'); header('Content-Type: application/json');
No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://mysubdomain.mydomain.com' is therefore not allowed access.
I’ve tried explictly allowing mysubdomain.mydomain.com using
But I still get the error.
It doesn’t look there is anything wrong with the code that sets the header, but you may want to check if the header is actually being set. Use
curl -i http://yourapp to check the response headers being sent to debug it. Alternatively, you can use the network tab in Google Chrome’s web inspector, or the Network tool in Firefox’s Web Developer tools.
Such a situation may arise when an error occurs on the requested page. In this case the error page sets headers, that likely has no Access-Control-Allow-Origin header.
with htaccess file you can try to set :
Header always set Access-Control-Allow-Methods "POST, GET, PUT, OPTIONS, PATCH,DELETE" Header always set Access-Control-Allow-Origin "*" Header always set Access-Control-Allow-Credentials "true" Header always set Access-Control-Allow-Headers "content-type,Authorization,Cache-Control,X-Requested-With, X-XSRF-TOKEN"
or can use for php as:
header('Access-Control-Allow-Origin: *'); header('Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, PATCH, DELETE'); header('Access-Control-Allow-Credentials: true'); header('Access-Control-Allow-Headers: Authorization, Content-Type, x-xsrf-token, x_csrftoken, Cache-Control, X-Requested-With');