playground-tools icon indicating copy to clipboard operation
playground-tools copied to clipboard
verified publisher icon WordPress

Webserver-level CORS header manipulation

Open mhsdef opened this issue 1 year ago • 2 comments

We need some way to set CORS headers at wp-now's Express server level similar to what can be done with .htaccess in Apache setups:

<IfModule mod_headers.c>
    Header set Access-Control-Allow-Origin "_origin here_"
</IfModule>

We do have a mu-plugin that spins in the PHP handling and that's a solution for most folk since the typical situation is API backend; but, a plugin approach doesn't cover things like, say, a cross-origin static resource @font-face load (in Firefox) to a WP backend which matters for the way we're using WP in our case.

Our use case is fairly unique, but, WP deployments can get "unique" in the real world, so I do think Express header manipulation makes general sense for a certain segment of users.

Maybe something like..?

wp-now --headers <whatever ux makes sense>

mhsdef avatar Apr 27 '24 02:04 mhsdef

Or, riffing further, a way to do it via the config feels even better.

{
      "step": "setWebserverHeader",
      "header": "Access-Control-Allow-Origin http://localhost:3000"
}

mhsdef avatar Apr 27 '24 03:04 mhsdef

cc @sejas

adamziel avatar Apr 30 '24 13:04 adamziel