Skip to content

Instantly share code, notes, and snippets.

@ivanweiler
Created March 20, 2018 11:22
Show Gist options
  • Save ivanweiler/c1c85922270a41fd8af62759d09822f0 to your computer and use it in GitHub Desktop.
Save ivanweiler/c1c85922270a41fd8af62759d09822f0 to your computer and use it in GitHub Desktop.
Magento2 Apache/htaccess CORS headers
<VirtualHost *:80> # Or whatever VHost you're using
# Your other rules
RewriteEngine on
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ "index.html" [R=200,E=API:1,PT]
# This rewrite rule forces any OPTIONS request to return as a valid response.
# It sets the API environment variable for use below.
#
# You can try to put a placeholder file here for the response (index.html)
# Otherwise it'll look like an error page, but it'll return with a 200 response code.
# Since this is intended to pass along the headers below and likely wont be visible,
# it doesn't really matter what the response content is.
<IfModule mod_headers.c>
SetEnvIf Accept application/json API
Header always set Access-Control-Allow-Origin "*" env=API
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT" env=API
Header always set Access-Control-Allow-Headers "Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization" env=API
</IfModule>
</VirtualHost>
@miteshdhaduk
Copy link

Thanks, It is working.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment