Apache – Allow crossite calls

To Allow crossite calls via Ajax or for Fonts and so one, from specific subdomains:

<IfModule mod_headers.c>
  SetEnvIfNoCase Origin "https?://(www\.|sub1\.|sub2\.|sub3\.|sub4\.)?(ask-sheldon\.com)(:\d+)?$"  AccessControlAllowOrigin=$0
  Header set Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
  Header set Access-Control-Allow-Credentials true

Or you can place a crossdomain.xml in your DocumentRoot (does not work everywhere)

<?xml version="1.0"?>
    <allow-access-from domain="*.ask-another-sheldon.com" />
    <allow-access-from domain="*.ask-anothernother-sheldon.com" />


Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.