{"id":1698,"date":"2023-04-24T08:22:18","date_gmt":"2023-04-24T05:22:18","guid":{"rendered":"http:\/\/leonidassavvides.com\/blog\/?p=1698"},"modified":"2023-04-24T08:22:18","modified_gmt":"2023-04-24T05:22:18","slug":"enable-cors-for-multiple-domains-in-php","status":"publish","type":"post","link":"https:\/\/www.leonidassavvides.com\/blog\/2023\/04\/enable-cors-for-multiple-domains-in-php\/","title":{"rendered":"Enable CORS for multiple domains in PHP"},"content":{"rendered":"
<\/div>\n

In this article, we\u2019ll explain to you how to permit CORS requests for multiple origins in PHP.<\/p>\n\n\n\n

To get the response from a simple cross-origin POST request, we need to include the header Access-Control-Allow-Origin. The specification of Access-Control-Allow-Origin allows for multiple origins, or the value null, or the wildcard *.<\/p>\n\n\n\n

Access-Control-Allow-Origin: *\nAccess-Control-Allow-Origin: https:\/\/domainXYZ.com\nAccess-Control-Allow-Origin: null<\/code><\/pre>\n\n\n\n
The above is a simple implementation.<\/p>\n\n\n\n
For multiple domains permissions of CORS, we can use a PHP snippet like below:<\/p>\n\n\n\n
<?php\n$allowedOrigins = [\n   'https:\/\/domainXYZ.com',\n   'https:\/\/z1.domainXYZ.com',\n   'https:\/\/z2.domainXYZ.com',\n   'https:\/\/z3.domainXYZ.com',\n   'http:\/\/z4.domainXYZ4.com',\n];\n\nif(in_array($_SERVER['HTTP_ORIGIN'], $allowedOrigins))\n{\n\t$http_origin = $_SERVER['HTTP_ORIGIN'];\n} else {\n\t$http_origin = \"https:\/\/example.com\";\n}\nheader(\"Access-Control-Allow-Origin: $http_origin\");\n?><\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"
In this article, we\u2019ll explain to you how to permit CORS requests for multiple origins in PHP. To get the response from a simple cross-origin POST request, we need to include the header Access-Control-Allow-Origin. The specification of Access-Control-Allow-Origin allows for multiple origins, or the value null, or the wildcard *. The above is a simple … Continue reading “Enable CORS for multiple domains in PHP”<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8,10,12,32,37,43,52],"tags":[90,91,92],"class_list":["post-1698","post","type-post","status-publish","format-standard","hentry","category-dev","category-html5","category-internet","category-php","category-security","category-tech","category-xampp","tag-cors","tag-cors-for-multiple-domains-in-php","tag-cors-php"],"_links":{"self":[{"href":"https:\/\/www.leonidassavvides.com\/blog\/wp-json\/wp\/v2\/posts\/1698","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.leonidassavvides.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.leonidassavvides.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.leonidassavvides.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.leonidassavvides.com\/blog\/wp-json\/wp\/v2\/comments?post=1698"}],"version-history":[{"count":0,"href":"https:\/\/www.leonidassavvides.com\/blog\/wp-json\/wp\/v2\/posts\/1698\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.leonidassavvides.com\/blog\/wp-json\/wp\/v2\/media?parent=1698"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.leonidassavvides.com\/blog\/wp-json\/wp\/v2\/categories?post=1698"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.leonidassavvides.com\/blog\/wp-json\/wp\/v2\/tags?post=1698"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}