Jump to content

Search the Community

Showing results for tags 'CORS'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Welcome to ProcessWire
    • News & Announcements
    • Showcase
    • Wishlist & Roadmap
  • Community Support
    • Getting Started
    • Tutorials
    • FAQs
    • General Support
    • API & Templates
    • Modules/Plugins
    • Themes and Profiles
    • Multi-Language Support
    • Security
    • Jobs
  • Off Topic
    • Pub
    • Dev Talk

Product Groups

  • Form Builder
  • ProFields
  • ProCache
  • ProMailer
  • Login Register Pro
  • ProDrafts
  • ListerPro
  • ProDevTools
  • Likes
  • Custom Development

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

Found 1 result

  1. Not specificly related to PW, but in a way it does. I have setup two processwire installs on different sub-domains. Scenario: 1. Main website - visitors go here http://www.domain.com/ 2. Data API provider - RESTful API spitting out (cached) JSON objects http://data.domain.com/ Website 1 loads data trough AJAX / Angular.js from website 2 Since PW by default has the following line in the .htaccess file it will prevent access from cross domains requests that load in an iframe Header always append X-Frame-Options SAMEORIGIN One solution i found was to put the following line in my template file (or somekind of init.php file) at website 2, allowing website 1 to access header('Access-Control-Allow-Origin: http://www.domain.com'); That worked nice, until i installed the Procache module from Ryan. A logic change, since PHP is completely bypassed it does'nt set the headers anymore. The final solution: I removed the header line from the php file and put it in the .htaccess file just below the SAMEORIGIN line on website 2 Header always append X-Frame-Options SAMEORIGIN Header set Access-Control-Allow-Origin: "http://www.domain.com" Could be helpful to anybody, thats why i posted it here Update: found a nice script allowing any sub-domain of the origin host http://stackoverflow.com/a/19519690
×
×
  • Create New...