-2

I am trying to obtain data from a JSON, in local mode I can make it work, I have to enable a CORS extension in chrome and that's it. Then when I have decided to upload the file to the server, on the server side with PHP, I enable the headers as follows

<?php
header("Access-Control-Allow-Origin: *");
?>

y tambien en el .htaccess de la siguiente manera:

 <IfModule mod_headers.c>
   Header set Access-Control-Allow-Origin "*"
 </IfModule>

Access to XMLHttpRequest at 'https://www.siteExample.com/coins/151.json?hr=100' from origin 'https://meSiteExample.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

What else can I do?

tomas
  • 41
  • 1
  • 7
  • Probably duplicate... you can check here for a related question https://stackoverflow.com/questions/29150384/how-to-allow-cross-domain-request-in-apache2. And another here https://stackoverflow.com/questions/42558221/how-to-cors-enable-apache-web-server-including-preflight-and-custom-headers – akDeveloper May 17 '21 at 21:19

2 Answers2

-1

As I read here, Maybe you need use:

Header add Access-Control-Allow-Origin "*"

Instead of :

Header set Access-Control-Allow-Origin "*"

in your .htaccess file.

Also Remember & pay attention '*' will enable CORS for all websites. and it has security risks. if you know your request coming from where , you can filter that by enter domain instead of '*'.
For example:

Header add Access-Control-Allow-Origin "example.com" //OR "localhost"
A.Sarhangian
  • 1
  • 2
-1

use this instead of esterik * Access-Control-Allow-Headers: Accept

Haris ramzan
  • 93
  • 1
  • 3