Enabled Cross Origin Resource Sharing in .htaccess does not work

Question

I created a .htaccess file on my image server (maptile.org).

Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Headers "origin, x-requested-with, content-type"
Header set Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS"

I enabled mod-headers using a2enmod headers I tested that it was enabled with apachectl -M and it listed headers_module (shared)

This was recommended in the question: Header set Access-Control-Allow-Origin in .htaccess doesn't work

However when I try to save a map as an image (using html2canvas) it gives me an error in the console http://www.justicemap.org/?id=63

The error:

Image from origin 'http://maptile.org' has been blocked from loading by Cross-Origin Resource Sharing policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://www.justicemap.org' is therefore not allowed access.

The Save as Image function works when the images are stored on the justicemap.org domain.

When I use html2canvas the request method is "GET", the response status code is "200", and the mimeType is "image/png". I do not see the Access-Control-Allow-Origin header.

Do I need to add an Origin header? I don't see one when I examine the requests in the Chrome Javascript console.

Answer 1

Turns out I wasn't running Apache. I was using Lighttpd. I didn't realize this because Cloudflare replaced the server header with: Server:cloudflare-nginx.

I was able to configure Lighttpd to work using this recommendation.

Answer 2

I had the same problem and solved by setting the crossOrigin option to null, like this:

layers: [
  new ol.layer.Tile({
    source: new ol.source.OSM({
      url: 'http://tile-server-ip/osm/{z}/{x}/{y}.png',
      crossOrigin: null
    })
  })
],