Question
How to set up cross-origin resource sharing (CORS) in Plesk to allow example.org to get resources from example.com?
Answer
Note: CORS is supported in the following browsers: Chrome 3+, Firefox 3.5+, Opera 12+, Safari 4+, Internet Explorer 8+
Warning: Only one header Access-Control-Allow-Origin can be added. CORS will not work if the header is defined both in nginx and Apache, or twice for Apache or nginx respectively.
-
Log in to Plesk on the server where the domain example.com is hosted.
-
Go Domains > example.com > Apache & nginx Settings.
-
Add the CORS header:
for Apache
-
Add the following line to the field Additional directives for HTTP:
Header set Access-Control-Allow-Origin "http://example.org"
-
Add the following line to the field Additional directives for HTTPS:
Header set Access-Control-Allow-Origin "https://example.org"
for nginx
Add one of the following lines to the field Additional nginx directives, depending on whether website works via HTTP or HTTPS:
add_header 'Access-Control-Allow-Origin' 'http://example.org';
OR
add_header 'Access-Control-Allow-Origin' 'https://example.org';
-
-
Click OK or Apply at the bottom of the page to apply the changes.
Note: CORS should be enabled on the remote/external server side, from where resources are requested.