CORS preflight errors

Question

Hi all, I'm struggling a bit and looking for some help. (I'm an infrastructure guy not a developer so this stuff is doing my head in.)

Situation: Deployed a web app (wordpress) on what is basically a LAMP stack with the M being MariaDB.

Error: "No 'Access-Control-Allow-Origin' header is present on the requested resource."

I tried with the CORS exemptions in the web services settings.
{
"allowedOrigins": [
"https://sub.domain.com.au"
],
"supportCredentials": true
}

I tried with the .htaccess method
<IfModule mod_headers.c>
SetEnvIf Origin "http(s)?://(www.)?(sub.domain.com.au|domain2.com)$" AccessControlAllowOrigin=$0
Header add Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
Header set Access-Control-Allow-Credentials true
</IfModule>

I created a phpinfo page and saw that using the Azure CORS setting php is seeing the directive but it isn't being honoured. While, when using the .htaccess method phpinfo doesn't see the directive at all so presumably something in the apache setup in Azure is forcing the mod_headers to be ignored.

Any advice?
Thanks.

Answer 1

Hi @Andrew ,

I came across https://github.com/Azure-App-Service/php/issues/15 which is like the issue you're having where mod_headers is being ignored. In looking at the thread, what people are doing as a workaround is fork the dockerfile of the apache version they're using and appending headers to RUN a2enmod rewrite expires include deflate line.

Regards,
Ryan