Skip to content

CORS support for APIs

I would love built in CORS support for APIs. I saw one post on how to add CORS, but it uses the wildcard and opens the site up to any domain.

Even though I’ve never written php before, I was able to cobble together a temporary solution that can be pasted at the top of these API endpoints:


Please note that $allowed_domains includes all subdomains.

Also, a note for others using fetch/axios. The content-type must be application/x-www-form-urlencoded;charset=UTF-8, and the body can be built using the querystring package or URLSearchParams.


This discussion has been closed.