Configure Apache To Accept Cross-Site XMLHttpRequests on Ubuntu

Update: check out this for more up-to-date instructions: http://enable-cors.org/server_apache.html

1. Make sure you have the mod_headers Apache module installed. to do this check out /etc/apache2/mods-enabled/ and see if there’s a ‘headers.load’ in there. If there isn’t then just sudo ln -s /etc/apache2/mods-available/headers.load /etc/apache2/mods-enabled/headers.load

2. Add the Access-Control-Allow-Origin header to all HTTP responses. You can do this by adding the line Header set Access-Control-Allow-Origin "*" to the desired <Directory> section in your configuration file (like the /etc/apache2/sites-available/default file). Saying "*" will allow cross-site XHR requests from anywhere. You can say "www.myothersite.com" to only accept requests from that origin.

3. Reload apache server. sudo /etc/init.d/apache2 reload

Maybe this is really obvious to a lot of people, but it wasn’t to me, so there you go.

7 thoughts on “Configure Apache To Accept Cross-Site XMLHttpRequests on Ubuntu

  1. WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING

    this can open xxs bugs on your website
    use ony for own domains and never use *
    its always better to only do his where requierd

  2. It worked! :) Wow, using jsonp in javascript requests and adding Header set Access-Control-Allow-Origin “*” in .htaccess were not enough to make the error stop. This did the job.

    Thanks! :)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s