How to set up cross-origin resource sharing (CORS) in Plesk to allow example.org to get resources from example.com?
Note: CORS is supported in the following browsers: Chrome 3+, Firefox 3.5+, Opera 12+, Safari 4+, Internet Explorer 8+
Warning: Only one header
Access-Control-Allow-Origin can be added. CORS will not work if the header is defined both in nginx and Apache, or twice for Apache or nginx respectively.
Log in to Plesk on the server where the domain example.com is hosted.
Go Domains > example.com > Apache & nginx Settings.
Add the CORS header:
Add the following line to the field Additional directives for HTTP:
Header set Access-Control-Allow-Origin “http://example.org”
Add the following line to the field Additional directives for HTTPS:
Header set Access-Control-Allow-Origin “https://example.org”
Add one of the following lines to the field Additional nginx directives, depending on whether website works via HTTP or HTTPS:
add_header ‘Access-Control-Allow-Origin’ ‘http://example.org’;
add_header ‘Access-Control-Allow-Origin’ ‘https://example.org’;
Click OK or Apply at the bottom of the page to apply the changes.