Cross-Origin XMLHttpRequest

When activating the mdp-connect plugin, I received an error that wouldn’t allow files loaded from other domains. Here’s how I fixed it.

Here’s the initial error I received on the page that needed to load files via JavaScript:

Access to XMLHttpRequest at '' from origin '' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

To fix it, add the following to your .htaccess file to allow these files to be loaded from other domains:

<IfModule mod_headers.c>
  <FilesMatch "\.(css|js|json|xml|html)$">
    Header set Access-Control-Allow-Origin "*"

In that bit of code I’m allowing files with the specified extensions. You can add/remove from that as needed.

This code has been added (in this example) to the .htaccess for both and I recommend this be added by default moving forward.

Leave a comment

Your email address will not be published. Required fields are marked *