soletan
commented
5 years ago I've created https://github.com/cepharum/contao-cors a few days ago while working on a similar approach as provided by this extension here. It's focusing on handling and injecting CORS headers in every request.
Firestorm87
If you host contao on an other server than the SPA i get the following error while calling the REST-API:
Access to XMLHttpRequest at 'http://contao.localhost.local/api/' from origin 'http://localhost:4200' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.Is it possible to add the configuration of allowed origins?