Hi,
i have trouble with a few websites.
Because there is no Access-Control-Allow-Origin Header that allow the access to cross origin resource.
has been blocked from loading by Cross-Origin Resource Sharing policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://...' is therefore not allowed access.
In the HeaderRewritePlugin.php i have set
$response->headers->set('Access-Control-Allow-Origin', '*');
$response->headers->set('Access-Control-Allow-Credentials', 'true');
$response->headers->set('Access-Control-Allow-Methods', 'GET, POST, OPTIONS');
$response->headers->set('Access-Control-Allow-Headers', 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type');
after loop to remove certain response headers...
i mean after this part:
// we need content-encoding (in case server refuses to serve it in plain text)
$forward_headers = array('content-type', 'content-length', 'accept-ranges', 'content-range', 'content-disposition', 'location', 'set-cookie');
foreach($response->headers->all() as $name => $value){
// is this one of the headers we wish to forward back to the client?
if(!in_array($name, $forward_headers)){
$response->headers->remove($name);
}
}
I put this header also at the beginning of the index.php...
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Credentials: true');
header('Access-Control-Allow-Methods: GET, POST, OPTIONS');
header('Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type');
When i am call a website with the proxy the header looks okay: (chrome plugin "HTTP HEADERS')
Response Headers
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
but the croos origin resource errors are still there :-/
have you got a tip for me?
Hi, i have trouble with a few websites. Because there is no Access-Control-Allow-Origin Header that allow the access to cross origin resource.
has been blocked from loading by Cross-Origin Resource Sharing policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://...' is therefore not allowed access.
In the HeaderRewritePlugin.php i have set
after loop to remove certain response headers... i mean after this part:
I put this header also at the beginning of the index.php...
When i am call a website with the proxy the header looks okay: (chrome plugin "HTTP HEADERS')
Response Headers
access-control-allow-credentials
true access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type access-control-allow-methods
GET, POST, OPTIONS access-control-allow-origin *
but the croos origin resource errors are still there :-/ have you got a tip for me?