Setting CORS headers

[fthues]

We're submitting data to the plugin from a different domain. We're setting the required CORS headers via .htaccess (so the OPTIONS request goes through) but Craft seems to remove them from the actual POST request, which seems to be a problem for Axios.

The way I see it there is no way of overriding the controller to add headers to the response. Any hints as to how to approach this?

Thanks!

[ignism]

Did you ever solve this? I’m running into similar problems.

[steveDL]

I have a similar issue POSTing to http://myurl.com/actions/contact-form/send. CURL returns a bunch of HTML and errors one starting with yii\web\BadRequestHttpException Post request required in /backend/vendor/craftcms/cms/src/web/Controller.php:356

But I guess this is result of not passing it what it needs as its a bad request. I trying to compose a valid request.

[danbrellis]

I know it's an old thread, but for anyone else with the same problem, one way I just solved dealing with the necessary headers for POST requests is to add the header in a custom module:

//modules/Module.php
Craft::$app->getResponse()->getHeaders()->set('Access-Control-Allow-Origin', 'http://localhost:2222');

If that's too open for you, I'm sure you could add conditionals to check the type of request, the action, etc.