Title: Plugin causes CORS policy error Last modified: August 21, 2019 --- # Plugin causes CORS policy error * Resolved [Alexanne](https://wordpress.org/support/users/alexannee/) * (@alexannee) * [6 years, 9 months ago](https://wordpress.org/support/topic/plugin-causes-cors-policy-error/) * Hello, * I have some issues with this plugin regarding CORS policy. Console logs this error when I try to send a form using CF7. * `Access to XMLHttpRequest at 'XXX' from origin 'XXX' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains multiple values 'XXX,*', but only one is allowed.` * Any clue on how I could fix this?? * Thanks! * The page I need help with: _[[log in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Fplugin-causes-cors-policy-error%2F%3Foutput_format%3Dmd&locale=en_US) to see the link]_ Viewing 4 replies - 1 through 4 (of 4 total) * Plugin Author [matthias.wagner](https://wordpress.org/support/users/matthiaswagner/) * (@matthiaswagner) * [6 years, 9 months ago](https://wordpress.org/support/topic/plugin-causes-cors-policy-error/#post-11853557) * looks like the syntax of your cors header is not valid. try to use only the * first (as described here: [https://enable-cors.org/server_apache.html](https://enable-cors.org/server_apache.html)). * after this works, you can find instructions on the web on how to build a more safe header that will only allow the domains you are using (like that: [https://blog.blakesimpson.co.uk/page.php?id=64&title=apache-configure-cors-headers-for-whitelist-domains](https://blog.blakesimpson.co.uk/page.php?id=64&title=apache-configure-cors-headers-for-whitelist-domains) or many similar ressources on the web) * matt * Thread Starter [Alexanne](https://wordpress.org/support/users/alexannee/) * (@alexannee) * [6 years, 9 months ago](https://wordpress.org/support/topic/plugin-causes-cors-policy-error/#post-11861072) * Hello Matt, * Thanks for your answer! * My .htaccess contains only this for Access-Control-Allow-Origin : * `Header set Access-Control-Allow-Origin "*"` * I don’t understand why I have multiple values. * Is there a way I can bypass this? * Have a nice day, * Alexanne * Thread Starter [Alexanne](https://wordpress.org/support/users/alexannee/) * (@alexannee) * [6 years, 9 months ago](https://wordpress.org/support/topic/plugin-causes-cors-policy-error/#post-11861133) * Hello, me again! * I answered myself while writing my reply… * I removed the line `Header set Access-Control-Allow-Origin "*"` in my .htaccess, and now it’s all good. * Thanks for your help! * Plugin Author [matthias.wagner](https://wordpress.org/support/users/matthiaswagner/) * (@matthiaswagner) * [6 years, 9 months ago](https://wordpress.org/support/topic/plugin-causes-cors-policy-error/#post-11861668) * great to hear. maybe you already set the header at some other location 😉 * matt Viewing 4 replies - 1 through 4 (of 4 total) The topic ‘Plugin causes CORS policy error’ is closed to new replies. * ![](https://ps.w.org/multiple-domain-mapping-on-single-site/assets/icon-256x256. png?rev=1595238) * [Multiple Domain Mapping on Single Site](https://wordpress.org/plugins/multiple-domain-mapping-on-single-site/) * [Frequently Asked Questions](https://wordpress.org/plugins/multiple-domain-mapping-on-single-site/#faq) * [Support Threads](https://wordpress.org/support/plugin/multiple-domain-mapping-on-single-site/) * [Active Topics](https://wordpress.org/support/plugin/multiple-domain-mapping-on-single-site/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/multiple-domain-mapping-on-single-site/unresolved/) * [Reviews](https://wordpress.org/support/plugin/multiple-domain-mapping-on-single-site/reviews/) * 4 replies * 2 participants * Last reply from: [matthias.wagner](https://wordpress.org/support/users/matthiaswagner/) * Last activity: [6 years, 9 months ago](https://wordpress.org/support/topic/plugin-causes-cors-policy-error/#post-11861668) * Status: resolved