CORS not working - Question really #106
Description
I have the following domains:
http://app.arvrlab.org.nz (the origin domain requesting from the API)
http://cms.arvrlab.org.nz (the Silverstripe CMS and API)
I get the following CORS errors:
Access to XMLHttpRequest at 'http://cms.arvrlab.org.nz/api/Member/743' from origin 'http://app.arvrlab.org.nz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
My config yml looks like:
RESTfulAPI:
authentication_policy: true
dependencies:
authenticator: '%$RESTfulAPI_TokenAuthenticator'
embedded_records:
'Quest':
- 'Tasks'
'Member':
- 'AraCourses'
cors:
Enabled: true
Allow-Origin: 'http://app.arvrlab.org.nz'
Allow-Headers: '*'
Allow-Methods: 'OPTIONS, GET, PUT, POST, PATCH, DELETE'
Max-Age: 86400
I've tried:
RESTfulAPI:
authentication_policy: true
dependencies:
authenticator: '%$RESTfulAPI_TokenAuthenticator'
embedded_records:
'Quest':
- 'Tasks'
'Member':
- 'AraCourses'
cors:
Enabled: true
Allow-Origin: '*'
Allow-Headers: '*'
Allow-Methods: 'OPTIONS, GET, PUT, POST, PATCH, DELETE'
Max-Age: 86400
As well (dev/build) done each time. But still having no luck at all?
Any ideas? Sorry, I'm not the best dev on the block so maybe I'm just missing something simple?
Cheers
Jamie