CORS (Access Control Allow Origin) on Apache Proxy issue

Marcello Verona picture Marcello Verona · Jul 15, 2016 · Viewed 16.8k times · Source

I need to send a CORS header from my map server (QGIS mapserver) that use a fast cgi with Apache 2.4.* on the port 8080.

I configured the with a simple

<VirtualHost *:8080>
   [...]
   Header set Access-Control-Allow-Origin "*"
</VirtualHost>

and it works.

I want to set a proxy to avoid the specification of the port in the URL. I have configured another Virtualhost in the port 80:

<VirtualHost *:80>
    ProxyPass /cgi-bin/ http://localhost:8080/
    ProxyPassReverse /cgi-bin/ http://localhost:8080/

    # Is useful this?
    Header set Access-Control-Allow-Origin "*"
</VirtualHost>

but the header is not propagated. There is a solution?

Answer

St&#233;phane picture Stéphane · May 22, 2017

Add always

Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Max-Age "1000"
Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token"

And, enable headers module

a2enmod headers