×

Welcome to TagMyCode

Please login or create account to add a snippet.
 

cross domain apache

0
0
 
0
Language: PHP
Posted by: bejoy balan
Added: Nov 13, 2014 6:50 AM
Modified: Nov 13, 2014 10:16 AM
Views: 1880
Tags: apache cross domain http_origin
  1. CORS on Apache
  2.  
  3. To add the CORS authorization to the header using Apache, simply add the following line inside either the <Directory>, <Location>, <Files> or <VirtualHost> sections of your server config (usually located in a *.conf file, such as httpd.conf or apache.conf), or within a .htaccess file:
  4.  
  5.   Header set Access-Control-Allow-Origin "*"
  6. Header add Access-Control-Allow-Origin "*"
  7. Header add Access-Control-Allow-Headers "origin, x-requested-with, content-type"
  8. Header add Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS"
  9.  
  10. To ensure that your changes are correct, it is strongly reccomended that you use
  11.  
  12. apachectl -t
  13.  
  14. to check your configuration changes for errors. After this passes, you may need to reload Apache to make sure your changes are applied by running the command
  15.  
  16. sudo service apache2 reload
  17. or
  18. apachectl -k graceful
  19.  
  20. Altering headers requires the use of mod_headers. Mod_headers is enabled by default in Apache, however, you may want to ensure it's enabled by run
  21.  
  22. a2enmod headers
  23.  
  24.  
  25. ======================
  26.  
  27.  
  28. <?php
  29.  
  30. // We'll be granting access to only the arunranga.com domain which we think is safe to access this resource as application/xml
  31.  
  32. if($_SERVER['HTTP_ORIGIN'] == "http://arunranga.com")
  33. {
  34.  
  35.     header('Access-Control-Allow-Origin: http://arunranga.com');
  36.     header('Content-type: application/xml');
  37.     readfile('arunerDotNetResource.xml');
  38. }
  39. else
  40. {    
  41. header('Content-Type: text/html');
  42. echo "<html>";
  43. echo "<head>";
  44. echo "   <title>Another Resource</title>";
  45. echo "</head>";
  46. echo "<body>",
  47.     "<p>This resource behaves two-fold:";
  48. echo "<ul>",
  49.         "<li>If accessed from <code>http://arunranga.com</code> it returns an XML document</li>";
  50. echo " <li>If accessed from any other origin including from simply typing in the URL into the browser's address bar,";
  51. echo "you get this HTML document</li>",
  52.     "</ul>",
  53. "</body>",
  54. "</html>";
  55. }
  56. ?>
  57.  
  58.  

1 comment

bejoy balan 8 years ago
Reply
<?php

// We'll be granting access to only the arunranga.com domain which we think is safe to access this resource as application/xml

if($_SERVER['HTTP_ORIGIN'] == "arunranga.com")
{

header('Access-Control-Allow-Origin: arunranga.com');
header('Content-type: application/xml');
readfile('arunerDotNetResource.xml');
}
else
{
header('Content-Type: text/html');
echo "<html>";
echo "<head>";
echo " <title>Another Resource</title>";
echo "</head>";
echo "<body>",
"<p>This resource behaves two-fold:";
echo "<ul>",
"<li>If accessed from <code>arunranga.com</code> it returns an XML document</li>";
echo " <li>If accessed from any other origin including from simply typing in the URL into the browser's address bar,";
echo "you get this HTML document</li>",
"</ul>",
"</body>",
"</html>";
}
?>

Write a comment

To post comments, please log in or register.