Access-Control-Allow-Origin: only on client Origin header

Version 1.582

Bugfix
Finished

Related to this: https://www.directadmin.com/features.php?id=1415 You can now set multiple values in the access_control_allow_origin setting, eg: access_control_allow_origin=access_control_allow_origin=http://www.domain.com, https://www.otherdomain.com:8080 using a comma separated list. for example. The Access-Control-Allow-Origin header will now only be shown if: 1) There is an incoming Origin header from the client 2) That header exact matches on of the items in the list, including port, etc.. (extract string match) The comma separated entries are trimmed, so whitespace before/after is ok.

Interested to try DirectAdmin? Get a 30-day Free Trial!