Apache :: CORS Policy error

Daniel Hidalgo · Joined: 19 Dec 2017 Posts: 2 Location: Costa Rica

I am trying to give access an app outside the domain and is giving me the following error:

No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://abc.intranet.com' is therefore not allowed access.

i aplied the CORS policy in the conf file:

#~~~~~ Virtual Hosts ~~~~~#
<VirtualHost *>
ServerName CDE.intranet.com
DocumentRoot "/usr/WAS/IBM/assets"
Header always set Access-Control-Allow-Origin:*

but, messed up the sites under the domain

How can i applied the CORS policy to a specific directoy and sudirectory?

Thanks,

James Blond

You can use it inside a <Directory block.

Like

Daniel Hidalgo · Joined: 19 Dec 2017 Posts: 2 Location: Costa Rica

if i add:
<Directory "/usr/WAS/IBM/assets/images">
Header always set Access-Control-Allow-Origin:*
</Directory>

is giving me 403 errors,

so i did:
<Directory "/usr/WAS/IBM/assets/images">
Header always set Access-Control-Allow-Origin "*"
</Directory>

and still getting the CORS error.

Is there a format i should use, or i need to apply another setting?

James Blond

okay a 403 is much better than the CORS error Very Happy

it just means "access denied". So you have to check the permissions. Does the image folder exist? is chmod set correctly? If yes and yes, than you also need to allow the access on apache side. Require all granted