Why Header Configuration?
Header configuaration helps us achieve so much ranging from responses to error codes and so much more,
but for this guide, we'll be talking about
Header config in relation to CORS. CORS usually creates a lot of problems for
developers, and this is as a result of poor header config. So, let's get started.
When an app/site(siteX) tries to fetch content from your Leaf app, you can send an Access-Control-Allow-Origin response header to tell the browser that the content of this page is accessible to certain origins.
(An origin is a domain, plus a scheme and port number.) By default, your Leaf app's content isn't available to any other origin; using the Access-Control-Allow-Origin header opens a door for cross-origin access by specific requesting origins.
You can authorize
siteX by adding
Access-Control-Allow-Origin: siteX or you can allow all origins by adding
The Access-Control-Allow-Headers header is used in response to a preflight request to indicate which HTTP headers can be used when making the actual request.
The Access-Control-Allow-Methods header specifies the method or methods allowed when accessing the resource. This is used in response to a preflight request. The conditions under which a request is preflighted are discussed above.
Next StepsRe-routing to index.php