Question posted in
Some documentation to get you started can be found here.

Enable CORS in httpd.conf – Apache

I’m developing a web application which makes REST calls to another web application outside its domain.

But whenever it tries to make the REST call, I’m facing CORS issue in chrome.

Error:

No 'Access-Control-Allow-Origin' header is present on the requested resource.

I know this question has been asked many times & I’ve tried many of the suggestions, but none of them is working for me.

I’m using httpd as the web server.

Below is the httpd.conf of my system.
I’ve added Header set Access-Control-Allow-Origin "*" inside <Directory>, as suggested here.

Please suggest.

Thanks

httpd.conf

ServerRoot "/etc/httpd"
Listen 80
Include conf.modules.d/*.conf
User apache
Group apache
ServerAdmin root@localhost
<Directory />
    AllowOverride none
  Header set Access-Control-Allow-Origin "*"
    Require all granted
</Directory>
DocumentRoot "/var/www/html"
<Directory "/var/www">
    AllowOverride None
    # Allow open access:
    Require all granted
</Directory>
<Directory "/var/www/html">
    Options Indexes FollowSymLinks
    AllowOverride None
    Require all granted
</Directory>
<IfModule dir_module>
    DirectoryIndex index.html
</IfModule>
<Files ".ht*">
    Require all denied
</Files>
ErrorLog "logs/error_log"
LogLevel warn

<IfModule log_config_module>
    LogFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"" combined
    LogFormat "%h %l %u %t "%r" %>s %b" common

    <IfModule logio_module>
      LogFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i" %I %O" combinedio
    </IfModule>
    CustomLog "logs/access_log" combined
</IfModule>

<IfModule alias_module>
    ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"

</IfModule>
<Directory "/var/www/cgi-bin">
    AllowOverride None
    Options None
    Require all granted
</Directory>

<IfModule mime_module>
    TypesConfig /etc/mime.types
    AddType application/x-compress .Z
    AddType application/x-gzip .gz .tgz
    AddType text/html .shtml
    AddOutputFilter INCLUDES .shtml
</IfModule>
AddDefaultCharset UTF-8

<IfModule mime_magic_module>
    MIMEMagicFile conf/magic
</IfModule>
EnableSendfile on
IncludeOptional conf.d/*.conf

ProxyRequests Off
ProxyPreserveHost On
<VirtualHost *:80>
  ProxyPass / http://localhost:9000/        # My local sonarqube URL
  ProxyPassReverse / http://myhost.com
  ErrorLog logs/sonar/error.log
  CustomLog logs/sonar/access.log common
</VirtualHost>
Tags:

3

Answers


  1. 0

    In my experience this error is often returned if there is any issue with the API.

    You should try testing your web application in Chrome without web security to see if the issue is really a CORS issue or not. See here for more information.

    Login or Signup to reply.
  2. 0

    In Debian-based distros. enable mod_headers running 

    a2enmod headers
sudo service apache2 reload

    In CentOS & other RedHat based distros

    edit config file read by apache like httpd.conf and add 

    LoadModule headers_module modules/mod_headers.so

    and reload apache with sudo service httpd restart

    and in httpd.conf or some file read by apache like apache2.conf, of files *.conf within the folders like sites-available/ or sites-enabled/ 

    Header set Access-Control-Allow-Origin: *

    * or the domain or domains you desire

    Keep in mind this must be placed in the server that receive the
    request, not the server that send the request, and restrictions are
    made by browsers, not servers, see this:
    https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin

    There is also another way instead of editing some .conf file that is creating a file at document root level called .htaccess and inside: Header set Access-Control-Allow-Origin *

    Login or Signup to reply.
  3. 0

    To enable CORS the following header directive can be used:

    Header set Access-Control-Allow-Origin "*"

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search