CORS Header not set correctly

  • phylu

    (@phylu)


    5 years, 7 months ago

    The following situation: My wordpress site is located as https://example.com

    I am trying to set the Access-Control-Allow-Origin header of my page to https://example.com in order to block all external requests to its API.

    However, this does not seem to have any effect. I can still see the default behaviour as described in the code here: https://developer.ww.wp.xz.cn/reference/functions/rest_send_cors_headers/

    So basically if an Origin header is set, the Access-Control-Allow-Origin will just replay the Origin header instead of the value that I have configured. I have no idea how to resolve this. Any help is highly appreciated.

    Best regards
    Phylu

The topic ‘CORS Header not set correctly’ is closed to new replies.