Access-Control-Allow-Origin: only on client Origin header

Version 1.58.2


Related to this: You can now set multiple values in the access_control_allow_origin setting, eg: access_control_allow_origin=access_control_allow_origin=, using a comma separated list. for example. The Access-Control-Allow-Origin header will now only be shown if: 1) There is an incoming Origin header from the client 2) That header exact matches on of the items in the list, including port, etc.. (extract string match) The comma separated entries are trimmed, so whitespace before/after is ok.

Interested to try DirectAdmin? Get a 30-day Free Trial!