.htaccess CORS

Posted at

Header unset Access-Control-Allow-Methods
Header unset Access-Control-Allow-Origin
Header unset Access-Control-Allow-Headers
Header unset Access-Control-Expose-Headers
Header unset Access-Control-Allow-Credentials
Header unset Timing-Allow-Origin

Header set Access-Control-Allow-Methods "CONNECT,GET,HEAD,OPTIONS,PING,POST,TRACE"
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Headers "Accept,Accept-Charset,Accept-Encoding,Accept-Language,Access-Control-Allow-Credentials,Access-Control-Allow-Headers,Access-Control-Allow-Methods,Access-Control-Allow-Origin,Access-Control-Expose-Headers,Access-Control-Max-Age,Access-Control-Request-Headers,Access-Control-Request-Method,Cache-Control,Connection,Content-Description,Content-Encoding,Content-Language,Content-Length,Content-Transfer-Encoding,Content-Type,Cookie,Date,DNT,Expires,Host,If-Modified-Since,Keep-Alive,Last-Modified,Origin,Pragma,Referer,Remote-Address,Server,Set-Cookie,Timing-Allow-Origin,Transfer-Encoding,User-Agent,Vary,X-Content-Type-Options,X-CustomHeader,X-Forwarded-For,X-Forwarded-Host,X-Forwarded-Port,X-Forwarded-Proto,X-Forwarded-Server,X-HTTP-Method-Override,X-Modified,X-OTHER,X-PING,X-PINGOTHER,X-Powered-By,X-Real-IP,X-Requested-With"
Header set Access-Control-Expose-Headers "Accept,Accept-Charset,Accept-Encoding,Accept-Language,Access-Control-Allow-Credentials,Access-Control-Allow-Headers,Access-Control-Allow-Methods,Access-Control-Allow-Origin,Access-Control-Expose-Headers,Access-Control-Max-Age,Access-Control-Request-Headers,Access-Control-Request-Method,Cache-Control,Connection,Content-Description,Content-Encoding,Content-Language,Content-Length,Content-Transfer-Encoding,Content-Type,Cookie,Date,DNT,Expires,Host,If-Modified-Since,Keep-Alive,Last-Modified,Origin,Pragma,Referer,Remote-Address,Server,Set-Cookie,Timing-Allow-Origin,Transfer-Encoding,User-Agent,Vary,X-Content-Type-Options,X-CustomHeader,X-Forwarded-For,X-Forwarded-Host,X-Forwarded-Port,X-Forwarded-Proto,X-Forwarded-Server,X-HTTP-Method-Override,X-Modified,X-OTHER,X-PING,X-PINGOTHER,X-Powered-By,X-Real-IP,X-Requested-With"
Header set Access-Control-Allow-Credentials "true"
Header set Timing-Allow-Origin "*"