Allow configuration of CORS-Parameter #8
Closed this issue · 2 comments
tobiaskahl commented
If you host contao on an other server than the SPA i get the following error while calling the REST-API:
Access to XMLHttpRequest at 'http://contao.localhost.local/api/' from origin 'http://localhost:4200' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Is it possible to add the configuration of allowed origins?
soletan commented
I've created https://github.com/cepharum/contao-cors a few days ago while working on a similar approach as provided by this extension here. It's focusing on handling and injecting CORS headers in every request.
tobiaskahl commented
Oh thanks for that advice. I will try it that way.