CORS Setup Troubles

I’m having trouble with setting up CORS on my domain. My .htaccess on my root currently reads:

Options -indexes
header add Access-Control-Allow-Origin *

Yet I still get:

XMLHttpRequest cannot load [external URL]. No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘[my domain]’ is therefore not allowed access.

How should I go about debugging this? I’ve tried adding “header add Access-Control-Allow-Origin *” to the .htaccess at root directory and the subdirectory that I’m calling the api from, but I’m still having the same problems.


Has anyone been able to get header add Access-Control-Allow-Origin “*” to work on Dreamhost? I’ve been trying to get this to work all day without any luck.

It sounds like you have some JavaScript on site A that uses XMLHttpRequest (also called JQuery $.get ) to get some resource from site B.

It sounds like you have added a ‘Access-Control-Allow-Origin’ header to site A.

That won’t work – you need to add the ‘Access-Control-Allow-Origin’ header to site B.

Related thread:

Not Working: Header add Access-Control-Allow-Origin “*”