I have the following in my .htaccess
file:
<IfModule mod_headers.c>
SetEnvIf Origin "http(s)?:\/\/(www\.)?(inreado\.local|testenv\.inreado\.com|inreado\.com)$" AccessControlAllowOrigin=$0$1
Header set Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
Header set Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS"
Header set Access-Control-Allow-Credentials true
</IfModule>
I'm trying to set Access-Control-Allow-Origin
header if host is one of the three allowed domains specified in the regexp. But it never does set this header. Here is the request and response:
REQUEST
GET http://inreado.local:8080/ HTTP/1.1
Host: inreado.local:8080
Connection: keep-alive
Cache-Control: max-age=0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.101 Safari/537.36
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en,en-US;q=0.8,ru;q=0.6
RESPONSE
HTTP/1.1 404 Not Found
Date: Sun, 22 Mar 2015 09:44:17 GMT
Server: Apache/2.4.10 (Win64) PHP/5.6.3
X-Powered-By: PHP/5.6.3
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
I've tested regexp against http://inreado.local
string here and it should match, so I don't understand where the problem is.
Update
SetEnvIf Origin "http(s)?://(www\.)?(inreado\.local:8080)$" AccessControlAllowOrigin=$1$2
Header set Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
UPDATE : Obviously the first thing to do is to send the
Origin
header in your request ...Your regex is
"http(s)?:\/\/(www\.)?(inreado\.local|testenv\.inreado\.com|inreado\.com)$"
But I believe it doesn't match at all because you need to add the port to this URL regex (since
inreado.local
andinreado.local:8080
are two distinct origins). Thus your header directive is skipped since the env variable is not set.So :
Origin
header in your request.By the way escaping slashes is not necessary in your regex.