PHP Enable/Allow CORS - Cross-origin Resource Sharing Website Domain

This Page Contains information about PHP Enable/Allow CORS - Cross-origin Resource Sharing Website Domain By dd in category Domain Names with 0 Replies. [5096], Last Updated: Thu Dec 25, 2025

Sun Mar 12, 2023

0 Comments

2139 Visits

UPDATE: 12/25/2025

For PHP5

// this is for php verssion 5 only
// 12/24/252023 - added referrer check
$allowedReferrers = [
    "https://www.example.com",
    "http://www.example.com",
    "https://example.com",
    "http://example.com",
];
// REFERRER CHECK
$http_referer = $_SERVER['HTTP_REFERER'];
$referrerAllowed = false;
foreach($allowedReferrers as $ref){
    if(strpos($http_referer, $ref) === 0){
        $referrerAllowed = true;
        break;
    }
}
if(!$referrerAllowed){
    header('HTTP/1.1 403 Forbidden');
    $jsonOutput = ['error' => 'Error #403 - Forbidden: ' . $http_referer];
    echo json_encode($jsonOutput);
    header("Content-Type: application/json; charset=UTF-8");
    exit;
}

To allow your Backend server APIs to access your PHP file, you can use the following headers in you PHP code:

If you want to allow a specific domain:

header("Access-Control-Allow-Origin: http://www.example.com");
header("Content-Type: application/json; charset=UTF-8");

Any domain:

header("Access-Control-Allow-Origin: *");
header("Content-Type: application/json; charset=UTF-8");

2zKoS8GsKK8

PHP Enable/Allow CORS - Cross-origin Resource Sharing Website Domain

Related Content

Related Pages