Cobra Forum

Applicable to:

• Plesk for Linux

Question

How to set up cross-origin resource sharing (CORS) in Plesk to allow example.org to get resources from example.com?


Answer

Note: CORS is supported in the following browsers: Chrome 3+, Firefox 3.5+, Opera 12+, Safari 4+, Internet Explorer 8+

Warning: Only one header Access-Control-Allow-Origin can be added. CORS will not work if the header is defined both in nginx and Apache, or twice for Apache or nginx respectively.

1.Log in to Plesk on the server where the domain example.com is hosted.

2.Go Domains > example.com > Apache & nginx Settings.

3.Add the CORS header:

                                                for Apache

• Add the following line to the field Additional directives for HTTP:

Header set Access-Control-Allow-Origin "http://example.org"


• Add the following line to the field Additional directives for HTTPS:

Header set Access-Control-Allow-Origin "https://example.org"

                                                  for nginx

Add one of the following lines to the field Additional nginx directives, depending on whether website works via HTTP or HTTPS:

add_header 'Access-Control-Allow-Origin' 'http://example.org';
OR

add_header 'Access-Control-Allow-Origin' 'https://example.org';
4.Click OK or Apply at the bottom of the page to apply the changes.

Note: CORS should be enabled on the remote/external server side, from where resources are requested.