Skip to content

PHP : No ‘Access-Control-Allow-Origin’ header is present on the requested resource

php

In .htaccess I put it as shown below. But I keep getting an error.

Access to XMLHttpRequest at ‘https:…’ from origin ‘https://…’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Origin "PUT, POST, DELETE, GET, OPTIONS"
Header set Access-Control-Allow-Origin "Accept, Authorization, Content-Type"

RewriteEngine On
Options All -Indexes

# ROUTER WWW Redirect.
RewriteCond %{HTTP_HOST} !^www. [NC]
RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

# ROUTER HTTPS Redirect
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

# ROUTER URL Rewrite
RewriteCond %{SCRIPT_FILENAME} !-f
RewriteCond %{SCRIPT_FILENAME} !-d
RewriteRule ^(.*)$ index.php?route=/$1 [L,QSA]

Advertisement

Answer

You can only have one Allow origin header so the last one is interpreted.

Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Methods "PUT, POST, DELETE, GET, OPTIONS"
Header set Access-Control-Allow-Headers "Accept, Authorization, Content-Type"
User contributions licensed under: CC BY-SA
2 People found this is helpful