14 lines
464 B
Text
14 lines
464 B
Text
# Cross domain AJAX requests
|
|
|
|
# http://www.w3.org/TR/cors/#access-control-allow-origin-response-header
|
|
|
|
# **Security Warning**
|
|
# Do not use this without understanding the consequences.
|
|
# This will permit access from any other website.
|
|
#
|
|
add_header "Access-Control-Allow-Origin" "*";
|
|
|
|
# Instead of using this file, consider using a specific rule such as:
|
|
#
|
|
# Allow access based on [sub]domain:
|
|
# add_header "Access-Control-Allow-Origin" "subdomain.example.com";
|