Problems setting access control (CORS)


Firefox has implemented CORS so I’m attempting to set Access-Control-Allow-Origin using .htaccess. I need to do this for multiple domains. However, when I do this I get a 500 on the server I’m setting it on.

Here’s an example of the code I’m using:

<FilesMatch "\.(otf|ttf)$"> SetEnvIf Origin "^http(s)?://(.+\.)?(sub\.example\.com|website\.com|sub\.another\.com)$" origin_is=$0 Header set Access-Control-Allow-Origin %{origin_is}e env=origin_is </FilesMatch>

Here’s where I got the idea from:

Any idea why this isn’t working on Dreamhost?



That code seems to work for me (after changing the domains in the SetEnvIf, of course). It’s possible that it’s conflicting with something else in your .htaccess, though… no way for me to check that.


Nothing else in my .htaccess. I just setup the domain a couple days ago.[hr]
Blah, never mind, fixed it. I had a previous effort in a .htaccess file a directory higher up than the one I was editing. I forgot I had two open. pebkac.