Apache – Allow crossite calls

To Allow crossite calls via Ajax or for Fonts and so one, from specific subdomains:

<IfModule mod_headers.c>
  SetEnvIfNoCase Origin "https?://(www\.|sub1\.|sub2\.|sub3\.|sub4\.)?(ask-sheldon\.com)(:\d+)?$"  AccessControlAllowOrigin=$0
  Header set Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
  Header set Access-Control-Allow-Credentials true
</IfModule>

Or you can place a crossdomain.xml in your DocumentRoot (does not work everywhere)

<?xml version="1.0"?>
<cross-domain-policy>
    <allow-access-from domain="*.ask-another-sheldon.com" />
    <allow-access-from domain="*.ask-anothernother-sheldon.com" />
</cross-domain-policy>

 

Leave a Reply

Your email address will not be published.

 

This site uses Akismet to reduce spam. Learn how your comment data is processed.