Why CORS isn't working with this configuration?

Question

I've a mixed situation:

Ubuntu server 18.04
Apache 2.4.29
Mono and mod_mono enabled

A mixed situation about pages: - php pages - ASMX .NET web service

Finally, a WebGL application on a CDN.

So, user get my WebGL app on cdn.mywebsite.com . WebGL app must communicate with my asmx .net webservice.

But i'm getting the classic error:

..has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.

I've added: - In .htacces file

<IfModule mod_headers.c>
  Header add Access-Control-Allow-Origin "*" 
</IfModule>

But also in web.config file (because there's my web service also running):

 <system.webServer>
    <httpProtocol>
      <customHeaders>
        <add name="Access-Control-Allow-Origin" value="*" />
        <add name="Access-Control-Allow-Methods" value="GET,PUT,POST,DELETE,OPTIONS"/>
        <add name="Access-Control-Allow-Headers" value="Content-Type"/>
      </customHeaders>
    </httpProtocol>
  </system.webServer>

I've also enabled headers apache mod.

What can be the reason CORS is not working ?

score 0 · Accepted Answer · answered May 02 '19 at 07:28

I solved using another SO solution:

handling CORS preflight request in Apache

By looking around more I found you could do this using the rewrite, e.g:

RewriteEngine On
RewriteCond %{REQUEST_METHOD} OPTIONS RewriteRule ^(.*)$ $1 [R=200,L]
(make sure you enable the rewrite mod)

Then you should use, the "always set" to set the headers, e.g:

Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS"

Why CORS isn't working with this configuration?

1 Answers1