If you don't have access to configure Apache, you can still send the header from a PHP script. It's a case of adding the following to your PHP scripts:

 header("Access-Control-Allow-Origin: *");

Note: as with all uses of the PHP header function, this must be before any output has been sent from the server.

Who’s behind this

Monsur Hossain and Michael Hausenblas


The content on this site stays fresh thanks to help from users like you! If you have suggestions or would like to contribute, fork us on GitHub.

Buy the book

Save 39% on CORS in Action with promotional code hossainco at