6

I'm trying to enable CORS in WordPress and I've placed this line of code in my header.php file

header("Access-Control-Allow-Origin: *");

Then I tested to see if it works via this page http://client.cors-api.appspot.com/client

The response I get is: 

Fired XHR event: loadstart
Fired XHR event: readystatechange
Fired XHR event: error

XHR status: 0
XHR status text: 
Fired XHR event: loadend

I'm not sure what I'm doing wrong here, anybody able to help me out?

Gufran Hasan
  • 8,910
  • 7
  • 38
  • 51
user2028856
  • 3,063
  • 8
  • 44
  • 71
  • You can view the request in Chrome's Network tab. This will show you whether the response has the correct header or not. – monsur Jun 17 '13 at 16:11
  • I would put the header() call in your wp-config.php I'm pretty sure when header.php is called headers have already been sent. – Patrick Forget Sep 25 '14 at 20:35
  • Alternatively, you can configure your server to send the header: http://enable-cors.org/server.html – Nikolay Yordanov Oct 18 '14 at 12:24
  • Possible duplicate of [How to enable CORS on a Wordpress Subdomain?](http://stackoverflow.com/questions/38378729/how-to-enable-cors-on-a-wordpress-subdomain) – Phill Healey Aug 19 '16 at 21:13

1 Answers1

-1

You can also enable CORS directly in Apache by including the line:

Header set Access-Control-Allow-Origin "*"

Include this line within the <Directory>, <Location>, <Files> or <VirtualHost> sections of your server config (usually located in a *.conf file, such as httpd.conf or apache.conf), or within a .htaccess file.

Additional information, including how to check for errors and/or reboot apache at https://enable-cors.org/server_apache.html

riot
  • 307
  • 3
  • 7