Title: Headers duplicates
Last modified: June 18, 2021

---

# Headers duplicates

 *  Resolved [dovich](https://wordpress.org/support/users/dovich/)
 * (@dovich)
 * [4 years, 11 months ago](https://wordpress.org/support/topic/headers-duplicates/)
 * In `https://wordpress.org/support/plugin/wp-rest-cache/` line 361
 * rest_send_cors_headers() actually duplicates the headers set in my nginx config.
   Need some option on dashboard to prevent sending headers from plugin.

Viewing 15 replies - 1 through 15 (of 15 total)

 *  Plugin Author [Richard Korthuis](https://wordpress.org/support/users/rockfire/)
 * (@rockfire)
 * [4 years, 11 months ago](https://wordpress.org/support/topic/headers-duplicates/#post-14577581)
 * Hi [@dovich](https://wordpress.org/support/users/dovich/)
 * Thank you for using our plugin!
 * The `rest_send_cors_headers()` function is an almost exact copy of the same function
   from the WordPress core (`wp-includes/rest-api.php`). So if you are having problems
   with our plugin I would think you would also have problems when using the default
   REST API provided by WordPress? And if so I would say it is a problem with your
   nginx configuration?
    Could you confirm you are having the same problems when
   not using our plugin?
 *  Thread Starter [dovich](https://wordpress.org/support/users/dovich/)
 * (@dovich)
 * [4 years, 11 months ago](https://wordpress.org/support/topic/headers-duplicates/#post-14591379)
 * Hi, Richard.
 * Thank you for your plugin!
 * I completely forgot tell you about a “little” detail – default WP rest headers
   is disbled, and it’s possible directly from my code: `remove_filter( 'rest_pre_serve_request','
   rest_send_cors_headers' );`
 * So there is no problem with my nginx configuration, and all headers are controled
   by nginx (production necessity).
 * I just asked you about the possibility to somehow disable sending headers in 
   your plugin – be it a filter or an option in the admin panel.
 * Thank you.
 *  Plugin Author [Richard Korthuis](https://wordpress.org/support/users/rockfire/)
 * (@rockfire)
 * [4 years, 10 months ago](https://wordpress.org/support/topic/headers-duplicates/#post-14639818)
 * Hi [@dovich](https://wordpress.org/support/users/dovich/)
 * Sorry for the late reply.
 * Ok, that is clear. We will add a filter in our next release, allowing you to 
   disable the sending of the CORS headers (`wp_rest_cache/disable_cors_headers`).
 *  Thread Starter [dovich](https://wordpress.org/support/users/dovich/)
 * (@dovich)
 * [4 years, 10 months ago](https://wordpress.org/support/topic/headers-duplicates/#post-14668012)
 * Thank You!
 *  Plugin Author [Richard Korthuis](https://wordpress.org/support/users/rockfire/)
 * (@rockfire)
 * [4 years, 8 months ago](https://wordpress.org/support/topic/headers-duplicates/#post-14874429)
 * Hi [@dovich](https://wordpress.org/support/users/dovich/)
 * Sorry, it took a bit longer than intended, but we just released a new version
   of our plugin which includes the mentioned filter.
 *  Thread Starter [dovich](https://wordpress.org/support/users/dovich/)
 * (@dovich)
 * [4 years, 8 months ago](https://wordpress.org/support/topic/headers-duplicates/#post-14880933)
 * Thank you, Richard. I really appreciate your work.
 *  [lorenzocroccolino](https://wordpress.org/support/users/lorenzocroccolino/)
 * (@lorenzocroccolino)
 * [4 years, 7 months ago](https://wordpress.org/support/topic/headers-duplicates/#post-15004577)
 * Hi, I appreciate a lot the CORS update but unfortunately, I am not able to make
   it works properly.
    I’m adding the line `apply_filters( 'wp_rest_cache/disable_cors_headers',
   true )` inside my functions.php but nothing change, I still have a header duplication.
 * Can you kindly explain what I am doing wrong? Thanks a lot.
 *  Plugin Author [Richard Korthuis](https://wordpress.org/support/users/rockfire/)
 * (@rockfire)
 * [4 years, 7 months ago](https://wordpress.org/support/topic/headers-duplicates/#post-15006732)
 * Hi [@lorenzocroccolino](https://wordpress.org/support/users/lorenzocroccolino/)
 * Thank you for using our plugin!
 * First of all you have to use the function `add_filter` instead of `apply_filters`
   and second you have to actually return a value. So in your case you could use
   this:
    `add_filter( 'wp_rest_cache/disable_cors_headers', '__return_true' );`
    -  This reply was modified 4 years, 7 months ago by [Richard Korthuis](https://wordpress.org/support/users/rockfire/).
 *  [matteocollina](https://wordpress.org/support/users/matteocollina/)
 * (@matteocollina)
 * [4 years, 7 months ago](https://wordpress.org/support/topic/headers-duplicates/#post-15006857)
 * Hi [@rockfire](https://wordpress.org/support/users/rockfire/)
 * I’ve just tried your snippet but it doesn’t work, I received two header **access-
   control-allow-origin**
 *     ```
       function initCors( $value , $requestUri = null ) {
       header_remove("Access-Control-Allow-Origin");
       return $value;
       }
   
       add_action( 'rest_api_init', function()
       {
       remove_filter( 'rest_pre_serve_request','rest_send_cors_headers' );
       add_filter( 'rest_pre_serve_request', initCors);
   
       },
        15 );
   
       add_filter( 'wp_rest_cache/disable_cors_headers', '__return_false' );
       ```
   
 *  Plugin Author [Richard Korthuis](https://wordpress.org/support/users/rockfire/)
 * (@rockfire)
 * [4 years, 7 months ago](https://wordpress.org/support/topic/headers-duplicates/#post-15006910)
 * [@matteocollina](https://wordpress.org/support/users/matteocollina/)
 * Oops `'__return_false'` should have been `'__return_true'`, my mistake. I have
   changed my previous message to correct this error.
 *  [matteocollina](https://wordpress.org/support/users/matteocollina/)
 * (@matteocollina)
 * [4 years, 7 months ago](https://wordpress.org/support/topic/headers-duplicates/#post-15006958)
 * [@rockfire](https://wordpress.org/support/users/rockfire/) sorry but it doesn’t
   work also with `__return_true`
 *  Plugin Author [Richard Korthuis](https://wordpress.org/support/users/rockfire/)
 * (@rockfire)
 * [4 years, 7 months ago](https://wordpress.org/support/topic/headers-duplicates/#post-15006989)
 * Hi [@matteocollina](https://wordpress.org/support/users/matteocollina/)
 * Did you clear your cache before retrying (after adding the code)?
 *  [matteocollina](https://wordpress.org/support/users/matteocollina/)
 * (@matteocollina)
 * [4 years, 7 months ago](https://wordpress.org/support/topic/headers-duplicates/#post-15007069)
 * Hi [@rockfire](https://wordpress.org/support/users/rockfire/) .
 * Yes I cleared the entire cache.
 * I follow this steps:
 * 1- Added `add_filter( 'wp_rest_cache/disable_cors_headers', '__return_true' );`
   to _plugin.php_
    2- Cleared the cache with _Clear Rest Cache_ button. 3- Get 
   the URL the first time and it works without cache (I have in the response headers
   only `access-control-allow-origin: *`) 4- Get the same URL the second time and
   it doesn’t work (I have two `access-control-allow-origin` header: **\*** and **
   [http://www.mydomain.com](http://www.mydomain.com)**)
    -  This reply was modified 4 years, 7 months ago by [matteocollina](https://wordpress.org/support/users/matteocollina/).
 *  Plugin Author [Richard Korthuis](https://wordpress.org/support/users/rockfire/)
 * (@rockfire)
 * [4 years, 7 months ago](https://wordpress.org/support/topic/headers-duplicates/#post-15007717)
 * [@matteocollina](https://wordpress.org/support/users/matteocollina/)
 * It is no good when you try to answer questions too quickly 😉 One small detail
   I forgot to mention is that you cannot use this filter from a theme or plugin,
   sorry for that. Our plugin loads as a must use plugin in order to be able to 
   hook into the REST API as soon as possible and skip any loading of themes and/
   or plugins is a cache is found. Because of this your code isn’t executed if a
   cache is found, so to use this hook you would have to create a mu-plugin which
   is loaded before our mu-plugin (i.e. it should alfabetically be before `wp-rest-
   cache`).
    So the simplest solution would be to create a file `disable-cors-headers.
   php` in the directory /wp-content/mu-plugins and put the `add_filter` code inside
   it.
 *  [matteocollina](https://wordpress.org/support/users/matteocollina/)
 * (@matteocollina)
 * [4 years, 7 months ago](https://wordpress.org/support/topic/headers-duplicates/#post-15011105)
 * [@rockfire](https://wordpress.org/support/users/rockfire/) You right man! It 
   works, thank you very much!

Viewing 15 replies - 1 through 15 (of 15 total)

The topic ‘Headers duplicates’ is closed to new replies.

 * ![](https://ps.w.org/wp-rest-cache/assets/icon-256x256.png?rev=3328849)
 * [WP REST Cache](https://wordpress.org/plugins/wp-rest-cache/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/wp-rest-cache/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/wp-rest-cache/)
 * [Active Topics](https://wordpress.org/support/plugin/wp-rest-cache/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/wp-rest-cache/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/wp-rest-cache/reviews/)

 * 15 replies
 * 4 participants
 * Last reply from: [matteocollina](https://wordpress.org/support/users/matteocollina/)
 * Last activity: [4 years, 7 months ago](https://wordpress.org/support/topic/headers-duplicates/#post-15011105)
 * Status: resolved