0

I got a mod_rewrite problem which i this time just can't figure out myself:

Some Javasript in a page requires to load further JS files which is denied because a CORS-Header is missing (Access-Control-Allow-Origin)

My Server structure

 Root | admin   | index.php 
      | content | (...)
      | system  | wysiwyg | (Files)

My .htaccess in the root directory:

RewriteEngine on

RewriteCond %{HTTP_HOST} ^i.cms.local
RewriteRule ^(.*)$ /content/media/getImage.php?img=$1 [QSA,NC,L]

RewriteCond %{HTTP_HOST} ^(admin|a).cms.local
RewriteRule ^(.*)$ /admin/$1 [L]

RewriteCond %{HTTP_HOST} ^cms.local
RewriteRule ^(.*)$ http://www.cms.local/$1

RewriteCond %{REQUEST_URI} \ /+index\.php\?q=([^&\ ]+)
RewriteRule ^ /%1.html [L,R]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.+)\.html$ /index.php?q=$1 [L]
RewriteRule ^(.+)/$ index.php?q=$1 [L]

The file im on is index.php in the admin direcory accessd via the subdomain a.cms.local. The additional files would normaly be access by s2.cms.local/wysisyg/.... But to avoid the CORS Header error I need to recieve them from the same URL, right? Si i though i use following link:

http://a.cms.local/wysiwyg/anyfile.js

And then the .htaccess redirects all wysiwyg request into the wysiwyg folder in system folder. Somehow I keep getting a 404 error - Hope someone has an idea?

1 Answers1

0

Found the answer in this similar post: https://stackoverflow.com/a/27990162/1190388 Added following to the htaccess which enable CORS for all urls with the ^orgin cms.local:

SetEnvIf Origin ^(https?://.+\.cms\.local(?::\d{1,5})?)$   CORS_ALLOW_ORIGIN=$1
Header append Access-Control-Allow-Origin  %{CORS_ALLOW_ORIGIN}e   env=CORS_ALLOW_ORIGIN
Header merge  Vary "Origin"
Community
  • 1
  • 1