Need to enable CORS

Hi guys

I have a WordPress site that I’ve developed a mobile app for, in the app I’d like to download some of the WordPress image files to store locally on the users device but I’m battling with CORS.

I’ve added the necessary header to the .htaccess as I’ve purged the CloudFlare cache as per the guide but it’s still not working and failing with the error that CORS needs to be enabled, I’m using this to test… Online Web service testing tool - Automated API testing

Any idea’s on what I’m missing?

Cloudflare won’t strip CORS headers, so likely you have not set them correctly at your origin.

To check your domain without Cloudflare to ensure the headers exist, use cURL at the commandline:

curl -svo /dev/null https://example.com/my-cors-url --connect-to ::1.2.3.4 --ipv4

Replace https://example.com/my-cors-url with the URL where you added your CORS headers and 1.2.3.4 with your origin server IP.

If you don’t see the CORS headers in that response, then your .htaccess setting hasn’t worked.

Hi Simon

Thanks for the reply, looks like the problem is actually my hosting provider. I spoke to their support and they confirmed that they do not allow CORS on shared hosting.

1 Like

Providing they don’t consider CORS headers to be some form of ToS violation, you can use Cloudflare Workers to add these to your responses if you need to and you’re comfortable writing Javascript code.

There’s a couple of examples of code in our dev docs you can use for inspiration:

https://developers.cloudflare.com/workers/examples/alter-headers
https://developers.cloudflare.com/workers/examples/cors-header-proxy

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.