You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi,
i have trouble with a few websites.
Because there is no Access-Control-Allow-Origin Header that allow the access to cross origin resource.
has been blocked from loading by Cross-Origin Resource Sharing policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://...' is therefore not allowed access.
In the HeaderRewritePlugin.php i have set
$response->headers->set('Access-Control-Allow-Origin', '*');
$response->headers->set('Access-Control-Allow-Credentials', 'true');
$response->headers->set('Access-Control-Allow-Methods', 'GET, POST, OPTIONS');
$response->headers->set('Access-Control-Allow-Headers', 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type');
after loop to remove certain response headers...
i mean after this part:
// we need content-encoding (in case server refuses to serve it in plain text)
$forward_headers = array('content-type', 'content-length', 'accept-ranges', 'content-range', 'content-disposition', 'location', 'set-cookie');
foreach($response->headers->all() as $name => $value){
// is this one of the headers we wish to forward back to the client?
if(!in_array($name, $forward_headers)){
$response->headers->remove($name);
}
}
I put this header also at the beginning of the index.php...
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Credentials: true');
header('Access-Control-Allow-Methods: GET, POST, OPTIONS');
header('Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type');
When i am call a website with the proxy the header looks okay: (chrome plugin "HTTP HEADERS')
Response Headers
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
but the croos origin resource errors are still there :-/
have you got a tip for me?
The text was updated successfully, but these errors were encountered:
Hi,
i have trouble with a few websites.
Because there is no Access-Control-Allow-Origin Header that allow the access to cross origin resource.
has been blocked from loading by Cross-Origin Resource Sharing policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://...' is therefore not allowed access.
In the HeaderRewritePlugin.php i have set
after loop to remove certain response headers...
i mean after this part:
I put this header also at the beginning of the index.php...
When i am call a website with the proxy the header looks okay: (chrome plugin "HTTP HEADERS')
Response Headers
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
but the croos origin resource errors are still there :-/
have you got a tip for me?
The text was updated successfully, but these errors were encountered: