-
slookabill
Newbie
-
Posts: 5
Threads: 3
Joined: Jul 2022
Reputation:
0
I'm currently trying to debut my site and get it working again. Currently on the newest version of CI. Trying to get the debug toolbar to load, and it keeps getting blocked by a CORS error:
"login:1 Access to XMLHttpRequest at 'https://[site]/?debugbar_time=1738522321.192592' from origin 'https://www.[site]' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource."
I've tried numerous times to set the CORS policy via .htaccess(the one in the public directory). Below is my current file:
Code: # Disable directory browsing
Options -Indexes
AddDefaultCharset UTF-8
AddDefaultCharset ISO-8859-1
DefaultLanguage en-us
# ----------------------------------------------------------------------
# Rewrite engine
# ----------------------------------------------------------------------
# Turning on the rewrite engine is necessary for the following rules and features.
# FollowSymLinks must be enabled for this to work.
<IfModule mod_rewrite.c>
Options +FollowSymlinks
RewriteEngine On
# If you installed CodeIgniter in a subfolder, you will need to
# change the following line to match the subfolder you need.
# http://httpd.apache.org/docs/current/mod/mod_rewrite.html#rewritebase
# RewriteBase /
# Redirect Trailing Slashes...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.+)/$
RewriteRule ^ %1 [L,R=301]
# Rewrite "www.example.com -> example.com"
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L]
# Checks to see if the user is attempting to access a valid file,
# such as an image or css document, if this isn't true it sends the
# request to the front controller, index.php
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([\s\S]*)$ index.php?/$1 [L,NC,QSA]
# Ensure Authorization header is passed along
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</IfModule>
<IfModule !mod_rewrite.c>
# If we don't have mod_rewrite installed, all 404's
# can be sent to index.php, and everything works as normal.
ErrorDocument 404 index.php
</IfModule>
# Disable server signature start
ServerSignature Off
# Disable server signature end
<IfModule mod_headers.c>
Header add Access-Control-Allow-Origin "*"
Header add Access-Control-Allow-Methods "GET, POST, OPTIONS, PUT, DELETE"
Header add Access-Control-Allow-Headers "Content-Type, Accept, Origin, X-Requested-With"
Header add Access-Control-Allow-Credentials "true"
Header add Access-Control-Max-Age "3600"
</IfModule>
-
InsiteFX
Super Moderator
-
Posts: 6,714
Threads: 343
Joined: Oct 2014
Reputation:
246
02-02-2025, 10:50 PM
(This post was last modified: 02-02-2025, 10:52 PM by InsiteFX.)
This is how my .htaccess is on my sites.
Make sure you add development in the env file and rename it .env
Code: # Disable directory browsing
Options -Indexes
# ----------------------------------------------------------------------
# Rewrite engine
# ----------------------------------------------------------------------
# Turning on the rewrite engine is necessary for the following rules and features.
# FollowSymLinks must be enabled for this to work.
<IfModule mod_rewrite.c>
Options +FollowSymlinks
RewriteEngine On
# If you installed CodeIgniter in a subfolder, you will need to
# change the following line to match the subfolder you need.
# http://httpd.apache.org/docs/current/mod/mod_rewrite.html#rewritebase
RewriteBase /
## .htaccess Control For CORS Configuration
# Add Font Awesome Font Types
AddType application/vnd.ms-fontobject .eot
AddType application/x-font-ttf .ttf
AddType application/x-font-opentype .otf
AddType application/font-woff .woff
AddType application/font-woff2 .woff2
<IfModule mod_headers.c>
<FilesMatch "\.(ttf|ttc|otf|eot|woff|woff2|svg|svgz|jpg|png|webp|ico|font.css|css|js)$">
## un-remark this one for all access and remark out the one below it
## DO NOT use on a live web site, very un-secure!!!
#Header set Access-Control-Allow-Origin "*"
## Change this to your local host url. and https or http
Header add Access-Control-Allow-Origin: "https://www.yoursite.com"
Header add Access-Control-Allow-Methods: "GET,POST,OPTIONS,DELETE,PUT"
Header add Access-Control-Allow-Headers: "Upgrade-Insecure-Requests"
Header add Access-Control-Allow-Headers "Content-Type, Accept, Origin, X-Requested-With"
</FilesMatch>
</IfModule>
# Remove index.php from URL
RewriteCond %{HTTP:X-Requested-With} !^XMLHttpRequest$
RewriteCond %{THE_REQUEST} ^[^/]*/index\.php [NC]
RewriteRule ^index\.php(.*)$ $1 [R=301,NS,L]
# Redirect Trailing Slashes...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.+)/$
RewriteRule ^ %1 [L,R=301]
# Rewrite "www.example.com -> example.com"
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ http://%1%{REQUEST_URI} [R=301,L]
# Checks to see if the user is attempting to access a valid file,
# such as an image or css document, if this isn't true it sends the
# request to the front controller, index.php
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^([\s\S]*)$ index.php/$1 [L,NC,QSA]
# Ensure Authorization header is passed along
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</IfModule>
<IfModule !mod_rewrite.c>
# If we don't have mod_rewrite installed, all 404's
# can be sent to index.php, and everything works as normal.
ErrorDocument 404 index.php
</IfModule>
# Disable server signature start
ServerSignature Off
# Disable server signature end
What did you Try? What did you Get? What did you Expect?
Joined CodeIgniter Community 2009. ( Skype: insitfx )
-
slookabill
Newbie
-
Posts: 5
Threads: 3
Joined: Jul 2022
Reputation:
0
So, I'm still combating this issue(before getting to another issue that will hopefully be easier to fix... as of right now it's still not working... the CORS headers are showing up when applied to files other than index.php, but on the index or other accesses I'm still getting the listed CORS error when trying to access the page and it's trying to load the debug toolbar.
-
InsiteFX
Super Moderator
-
Posts: 6,714
Threads: 343
Joined: Oct 2014
Reputation:
246
02-16-2025, 10:37 PM
(This post was last modified: 02-16-2025, 10:39 PM by InsiteFX.)
Did you add the FilesMatch?
Code: <IfModule mod_headers.c>
<FilesMatch "\.(ttf|ttc|otf|eot|woff|woff2|svg|svgz|jpg|png|webp|ico|font.css|css|js)$">
## un-remark this one for all access and remark out the one below it
## DO NOT use on a live web site, very un-secure!!!
#Header set Access-Control-Allow-Origin "*"
## Change this to your local host url. and https or http
Header add Access-Control-Allow-Origin: "https://www.yoursite.com"
Header add Access-Control-Allow-Methods: "GET,POST,OPTIONS,DELETE,PUT"
Header add Access-Control-Allow-Headers: "Upgrade-Insecure-Requests"
Header add Access-Control-Allow-Headers "Content-Type, Accept, Origin, X-Requested-With"
</FilesMatch>
</IfModule>
Also use the web Browsers developer tools hit F12.
What did you Try? What did you Get? What did you Expect?
Joined CodeIgniter Community 2009. ( Skype: insitfx )
-
slookabill
Newbie
-
Posts: 5
Threads: 3
Joined: Jul 2022
Reputation:
0
Well, annoyingly, after a lot of research and other debates, I found out it was an issue with my server configuration by my host, and they've fixed it and it's resolved, Thanks for all the help or looking
|
Debug toolbar not showing up CORS error
