Config cors api

ribro · July 14, 2021, 2:38pm

Hi,
How to configure dolibarr or what are the directives to put in .htaccess to no longer have CORS error.
it is for use with a vuejs / capacitor application
thanks

rauldobrota · July 24, 2021, 11:14am

Hi,
use these directives on .htaccess:
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ $1 [L,R=204]

Header set X-Content-Type-Options “nosniff”
Header set X-XSS-Protection “1; mode=block”
Header always set Access-Control-Max-Age 1728000
Header always set Access-Control-Allow-Origin: “”
Header always set Access-Control-Allow-Methods: “GET,POST,OPTIONS,DELETE,PUT”
Header always set Access-Control-Allow-Headers: "DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,C$
Header always set Access-Control-Allow-Credentials true

Check that are not doubled by server security configuration(inspect header)