Skip to content

Magento
PHP
- Learn PHP
JavaScript
- jQuery
- Learn jQuery FREE
MySQL
WordPress
- How to Use Wordpress
Tools
Learn

How to limit ajax apis for your origins (Access-Control-Allow-Origin headers)

1

2

3

4

5

6

7

8

9

10

$allowed_domains = ["https://www.YOURDOMAIN.com","https://YOURDOMAIN.com","https://staging.YOURDOMAIN.com","https://www.YOURDOMAIN.com/","https://YOURDOMAIN.com/","https://staging.YOURDOMAIN.com/"];
// echo $_SERVER['HTTP_ORIGIN'];
if (in_array($_SERVER['HTTP_ORIGIN'], $allowed_domains)) {
    header('Access-Control-Allow-Origin: ' . $_SERVER['HTTP_ORIGIN']);
}
else{
    if(in_array($_SERVER['HTTP_REFERER'], $allowed_domains)){
        header('Access-Control-Allow-Origin: ' . $_SERVER['HTTP_REFERER']);
    }
}

Posted

December 11, 2020

in

by

Harshvardhan Malpani

Tags:

Comments

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Comment *

Name *

Email *

Website

Δ

Proudly powered by WordPress