+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Using CodeIgniter (https://forum.codeigniter.com/forumdisplay.php?fid=5)
+--- Forum: General Help (https://forum.codeigniter.com/forumdisplay.php?fid=24)
+--- Thread: CORS Usage in Controller (/showthread.php?tid=73336)
CORS Usage in Controller - MrJunaidShahid - 04-12-2019
Hi,
I was working on security of API. Did anyone let me know how we can apply CORS in elegant way?
Or what you recommend for Security of API to not expose to outer world?
RE: CORS Usage in Controller - InsiteFX - 04-12-2019
I do it like this for fonts for security you may need to do it different.
Code:
# Add Font Types
AddType application/vnd.ms-fontobject .eot
AddType font/truetype .ttf
AddType font/opentype .otf
AddType font/opentype .woff
AddType font/opentype .woff2
AddType image/svg+xml .svg .svgz
<FilesMatch ".(eot|ttf|otf|woff|woff2|svg|svgz)">
Header set Access-Control-Allow-Origin "*"
</FilesMatch>You can read all about it from the link below.
Cross-Origin Resource Sharing (CORS)
RE: CORS Usage in Controller - MrJunaidShahid - 04-14-2019
(04-12-2019, 03:19 PM)InsiteFX Wrote: I do it like this for fonts for security you may need to do it different.
Code:# Add Font Types
AddType application/vnd.ms-fontobject .eot
AddType font/truetype .ttf
AddType font/opentype .otf
AddType font/opentype .woff
AddType font/opentype .woff2
AddType image/svg+xml .svg .svgz
<FilesMatch ".(eot|ttf|otf|woff|woff2|svg|svgz)">
Header set Access-Control-Allow-Origin "*"
</FilesMatch>
You can read all about it from the link below.
Cross-Origin Resource Sharing (CORS)
what if I want to allow one controller to only abc.com and other controller to xyz.com?
RE: CORS Usage in Controller - InsiteFX - 04-14-2019
Access-Control-Allow-Origin: http://your.com/controller1
Access-Control-Allow-Origin: http://your.com/controller2
Change your.com to your site and controller# to your controllers.