I'm developing a web application which makes REST calls to another web application outside its domain.
But whenever it tries to make the REST call, I'm facing CORS issue in chrome.
Error:
No 'Access-Control-Allow-Origin' header is present on the requested resource.
I know this question has been asked many times & I've tried many of the suggestions, but none of them is working for me.
I'm using httpd as the web server.
Below is the httpd.conf of my system.
I've added Header set Access-Control-Allow-Origin "*" inside <Directory>, as suggested here.
Please suggest.
Thanks
httpd.conf
ServerRoot "/etc/httpd"
Listen 80
Include conf.modules.d/*.conf
User apache
Group apache
ServerAdmin root@localhost
<Directory />
AllowOverride none
Header set Access-Control-Allow-Origin "*"
Require all granted
</Directory>
DocumentRoot "/var/www/html"
<Directory "/var/www">
AllowOverride None
# Allow open access:
Require all granted
</Directory>
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
<Files ".ht*">
Require all denied
</Files>
ErrorLog "logs/error_log"
LogLevel warn
<IfModule log_config_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" bined
LogFormat "%h %l %u %t \"%r\" %>s %b" mon
<IfModule logio_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" binedio
</IfModule>
CustomLog "logs/access_log" bined
</IfModule>
<IfModule alias_module>
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
</IfModule>
<Directory "/var/www/cgi-bin">
AllowOverride None
Options None
Require all granted
</Directory>
<IfModule mime_module>
TypesConfig /etc/mime.types
AddType application/x-press .Z
AddType application/x-gzip .gz .tgz
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
</IfModule>
AddDefaultCharset UTF-8
<IfModule mime_magic_module>
MIMEMagicFile conf/magic
</IfModule>
EnableSendfile on
IncludeOptional conf.d/*.conf
ProxyRequests Off
ProxyPreserveHost On
<VirtualHost *:80>
ProxyPass / http://localhost:9000/ # My local sonarqube URL
ProxyPassReverse /
ErrorLog logs/sonar/error.log
CustomLog logs/sonar/access.log mon
</VirtualHost>
I'm developing a web application which makes REST calls to another web application outside its domain.
But whenever it tries to make the REST call, I'm facing CORS issue in chrome.
Error:
No 'Access-Control-Allow-Origin' header is present on the requested resource.
I know this question has been asked many times & I've tried many of the suggestions, but none of them is working for me.
I'm using httpd as the web server.
Below is the httpd.conf of my system.
I've added Header set Access-Control-Allow-Origin "*" inside <Directory>, as suggested here.
Please suggest.
Thanks
httpd.conf
ServerRoot "/etc/httpd"
Listen 80
Include conf.modules.d/*.conf
User apache
Group apache
ServerAdmin root@localhost
<Directory />
AllowOverride none
Header set Access-Control-Allow-Origin "*"
Require all granted
</Directory>
DocumentRoot "/var/www/html"
<Directory "/var/www">
AllowOverride None
# Allow open access:
Require all granted
</Directory>
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
<Files ".ht*">
Require all denied
</Files>
ErrorLog "logs/error_log"
LogLevel warn
<IfModule log_config_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" bined
LogFormat "%h %l %u %t \"%r\" %>s %b" mon
<IfModule logio_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" binedio
</IfModule>
CustomLog "logs/access_log" bined
</IfModule>
<IfModule alias_module>
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
</IfModule>
<Directory "/var/www/cgi-bin">
AllowOverride None
Options None
Require all granted
</Directory>
<IfModule mime_module>
TypesConfig /etc/mime.types
AddType application/x-press .Z
AddType application/x-gzip .gz .tgz
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
</IfModule>
AddDefaultCharset UTF-8
<IfModule mime_magic_module>
MIMEMagicFile conf/magic
</IfModule>
EnableSendfile on
IncludeOptional conf.d/*.conf
ProxyRequests Off
ProxyPreserveHost On
<VirtualHost *:80>
ProxyPass / http://localhost:9000/ # My local sonarqube URL
ProxyPassReverse / http://myhost.
ErrorLog logs/sonar/error.log
CustomLog logs/sonar/access.log mon
</VirtualHost>
3 Answers
Reset to default 3In Debian-based distros. enable mod_headers running
a2enmod headers
sudo service apache2 reload
In CentOS & other RedHat based distros
edit config file read by apache like httpd.conf and add
LoadModule headers_module modules/mod_headers.so
and reload apache with sudo service httpd restart
and in httpd.conf or some file read by apache like apache2.conf, of files *.conf within the folders like sites-available/ or sites-enabled/
Header set Access-Control-Allow-Origin: *
* or the domain or domains you desire
Keep in mind this must be placed in the server that receive the request, not the server that send the request, and restrictions are made by browsers, not servers, see this: https://developer.mozilla/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
There is also another way instead of editing some .conf file that is creating a file at document root level called .htaccess and inside: Header set Access-Control-Allow-Origin *
To enable CORS the following header directive can be used:
Header set Access-Control-Allow-Origin "*"
In my experience this error is often returned if there is any issue with the API.
You should try testing your web application in Chrome without web security to see if the issue is really a CORS issue or not. See here for more information.