I’m trying to allow all subdomains under my main domain to get assets from each other. Fx. mydomain.com and test.mydomain.com should be able to access cdn.mydomain.com without being blocked.
I found this SO question that covers it, but I can’t get it working… My “cdn.mydomain.com.conf” virtual host file looks like this;
<VirtualHost *:80>
ServerName cdn.mydomain.com
ServerAdmin admin@mydomain.com
DocumentRoot /var/www/cdn
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
#Header set Access-Control-Allow-Origin "*"
<IfModule mod_rewrite.c>
<IfModule mod_headers.c>
SetEnvIf Origin ^(https?://(?:.+\.)?mydomain\.com(?::\d{1,5})?)$ CORS_ALLOW_ORIGIN=$1
Header append Access-Control-Allow-Origin %{CORS_ALLOW_ORIGIN}e env=CORS_ALLOW_ORIGIN
Header merge Vary "Origin"
</IfModule>
</IfModule>
</VirtualHost>
<Directory /var/www/cdn>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
Is the “stolen” content from the SO-question placed in the right place? I still get;
Access to font at 'https://cdn.mydomain.com/test.ttf' from origin 'https://sub.mydomain.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
What am I missing?
Subscribe
Share
Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Sign in to AnswerThese answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
The problem was cloudflare afterall. Purging the cache worked, and adding “Header always” also helped.