CORS support for APIs
edited July 2019 in Contributions
I would love built in CORS support for APIs. I saw one post on how to add CORS, but it uses the wildcard and opens the site up to any domain.
Even though I’ve never written php before, I was able to cobble together a temporary solution that can be pasted at the top of these API endpoints:
Please note that $allowed_domains includes all subdomains.
Also, a note for others using fetch/axios. The content-type must be
application/x-www-form-urlencoded;charset=UTF-8, and the body can be built using the querystring package or URLSearchParams.
This discussion has been closed.