Configure apache 2.4 on Ubuntu 14.04 for to enable CORS

Question

I've this HTML / Javascript code ....

<html>
  <head>
    <meta charset='utf-8' />
    <title>Title</title>
    <meta name='viewport' content='initial-scale=1,maximum-scale=1,user-scalable=no' />
    <!-- *** References for JQuery ... -->
    <script src="http://code.jquery.com/jquery-3.3.1.min.js"></script>
  </head>
  <body>
    <script>
        var city= "Torino";
        $.ajax({
          url: "http://www.mysite1.org/cesarefortelegram/Telegram/OpenProntoSoccorso/API/getProntoSoccorsoDetailsByMunicipality.php?",
          method: "GET",
          crossDomain: true,
          data: {municipality: city, distance:0}
        })
        .done(function(output) {
            alert("OK!");
        })
        .fail(function() {
          // handle error response
          alert("KO!");
      })
    </script>
  </body>
</html>

... published here ...

http://www.mysite2.com/OpenProntoSoccorso/WebMapping/test2.html

In the web server (Apache 2.4 on Ubuntu 14.04) http://www.mysite1.org/.... I've modified my apache2.conf file in this way ....

<Directory /var/www/cesarefortelegram>
        Order Allow,Deny
        Allow from all
        AllowOverride all
        Header set Access-Control-Allow-Origin "*"
</Directory>

following these instructions How to allow Cross domain request in apache2.

I've still the following error in my web browser console (Network tab ..)

Failed to load http://www.mysite1.org/cesarefortelegram/Telegram/OpenProntoSoccorso/API/getProntoSoccorsoDetailsByMunicipality.php?&municipality=Torino&distance=0: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://www.mysite2.com' is therefore not allowed access.

Where am I doing wrong?

Thanks in advance

score 1 · Answer 1 · answered Mar 15 '18 at 21:00

I've found that there was an error in my apache2.conf file ....

This is the right configuration (forgot "html" after "www" .. sorry ...) ...

<Directory /var/www/html/cesarefortelegram>
        Order Allow,Deny
        Allow from all
        AllowOverride all
        Header set Access-Control-Allow-Origin "*"
</Directory>

All works fine now ...

score 0 · Answer 2 · answered Nov 18 '19 at 14:54

Ubuntu Apache2 solution that worked for me .htaccess edit did not work for me I had to modify the conf file.

nano /etc/apache2/sites-available/mydomain.xyz.conf

<IfModule mod_ssl.c>
    <VirtualHost *:443>

        ServerName mydomain.xyz
        ServerAlias www.mydomain.xyz

        ServerAdmin support@mydomain.xyz
        DocumentRoot /var/www/mydomain.xyz/public

        ### following three lines are for CORS support
        Header add Access-Control-Allow-Origin "*"
        Header add Access-Control-Allow-Headers "origin, x-requested-with, content-type"
        Header add Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS"

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        SSLCertificateFile /etc/letsencrypt/live/mydomain.xyz/fullchain.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/mydomain.xyz/privkey.pem

    </VirtualHost>
</IfModule>

then type the following command

a2enmod headers

Configure apache 2.4 on Ubuntu 14.04 for to enable CORS

2 Answers2

then type the following command

make sure cache is clear before trying