LexiConn Knowledgebase

Knowledgebase Home | Favorites Knowledgebase Home | Favorites
Search the Knowledgebase Browse by Category
Enable Cross-origin resource sharing (CORS)
Article Details

Last Updated
16th of September, 2014

User Opinions (7 votes)
85% thumbs up 14% thumbs down

How would you rate this answer?
Helpful
Not helpful
The same-origin policy prevents JavaScript from making requests across domain boundaries, and has spawned various hacks for making cross-domain requests.

CORS introduced a standard mechanism that can be used by all browsers for implementing cross-domain requests. The spec defines a set of headers that allow the browser and server to communicate about which requests are (and are not) allowed.

CORS specification:
http://www.w3.org/TR/cors/

Client side CORS reference (including browser compatibility matrix):
http://enable-cors.org/client.html

To enable CORS via .htaccess, add the following line:

Access-Control-Allow-Origin *

The * represents (allows) all domains and can be substituted for a space delimited list of URLs.

e.g.
Access-Control-Allow-Origin http://www.domain.com https://www.domain.com

Magento users should contact us at support@lexiconn.com to request CORS be enabled in the server configuration file for their domain (required).


Related Articles
No related articles were found.
Attachments
No attachments were found.

Powered by Interspire Knowledge Manager Knowledgebase Software