I'm trying to put in the Access-Control-Allow-Origin: * statement into the HTTP Response Header, since that's what everything is saying to get past the CORs issue (I'm trying to code with p5.js). My question is: where exactly does this statement go and how do I get there?
I can not find a basic answer anywhere and I can't really move on without it.
Thank you!
You put that inside a file called .htaccess and put that inside the root folder of your website.
Save the below to a file called .htaccess and you're done.
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"
</IfModule>
This statement/response header must be present in the response from the server you are connecting to. Because of this, it varies based on which server, frameworks, and languages you are using.
If you are connecting to a PHP script, you can actually manage CORS direction within the script using the header(...) function. See this question for more details: CORS with php headers The same can be done in many other languages; although, I cannot give an example at this moment.
If the language you are using does not allow CORS to be defined within the code, or if you would simply prefer to manage CORS in another way, then you will probably have to rely on the server framework. If you are using an Apache HTTP Server, then you can modify the .htaccess file in the directory (like Simon pointed out in his answer). There are maybe 1 or 2 others ways to do this on Apache, but I would have to look over my apache configuration to remember all of the other ways. Regardless, .htaccess is usually the best way to do it in Apache so you can selectively enable on a per-file or per-directory basis, rather than authorizing CORS for your entire server, as that is a possible security risk for most websites. If you need more details for Apache, check out this AwesomeToast blog post about it. NGINX is also quite popular, but unfortunately, I have never worked with NGINX, so I cannot provide much help there. If you are using NGINX, here is a writeup about how to enable CORS in a NGINX environment: Enable CORS on NGINX
There are of course many other languages and server frameworks that support CORS, so if none of those mentioned above match your situation, then you might find some instructions for your specific environment/set-up on www.Enable-CORS.org. If you cannot seem to locate instructions for your situation or if you have problems enabling CORS on your server, then please feel free to leave a comment specifying your environment and I will attempt to help you out with getting CORS working.
