Why does AAPANEL and APACHE ignore my CORS headers in my scripts. I have my php scripts setup with a headers so I can access them form other domains and localhost like this. Thye worked on my old apache server but for some reason i can't get them to work on this one. I've set it up with this in my script header("Access-Control-Allow-Origin: *"); header('Access-Control-Allow-Credentials: true'); header('Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, JSON'); header('Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With'); header('Access-Control-Max-Age: 86400'); if(window.hljsLoader && !document.currentScript.parentNode.hasAttribute('data-s9e-livepreview-onupdate')) { window.hljsLoader.highlightBlocks(document.currentScript.parentNode); } but when i call to it from another site using lets say ionic or javascript I get "Access to fetch at 'the php script' from origin ' https://wttionline.org ' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled."

[unknown] I’m facing the same issue calling my api from react app. I tried adding “Access-Control-Allow-Headers: *” in .htaccess. Still can’t fetch data from react app.

Why does AAPANEL and APACHE ignore my CORS headers in my scripts

aaP_dcunningham

Why does AAPANEL and APACHE ignore my CORS headers in my scripts. I have my php scripts setup with a headers so I can access them form other domains and localhost like this. Thye worked on my old apache server but for some reason i can't get them to work on this one.

I've set it up with this in my script

   header("Access-Control-Allow-Origin: *");
   header('Access-Control-Allow-Credentials: true');
   header('Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, JSON');
   header('Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With');
   header('Access-Control-Max-Age: 86400');

but when i call to it from another site using lets say ionic or javascript I get

"Access to fetch at 'the php script' from origin 'https://wttionline.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled."