Default my magento store is loading without index.php. Site is secured. for both there are rewrite rules in .htaccess file which are working fine. I have implemented following code in .htaccess file, this is not working when i am loading the website. but if Load it by appending index.php CORS fix is working. https://domain/index.php — CORS working fine https://domain- CORS not working.
SetEnvIf Origin “^http(s)?://(.+.)?(domain)$” REQUESTORIGIN=$0
Header always set Access-Control-Max-Age 1728000
Header always set Access-Control-Origin %{REQUESTORIGIN}e env=REQUEST_ORIGIN
Header always set Access-Control-Allow-Methods “GET,POST,OPTIONS,DELETE,PUT”
Header always set Access-Control-Allow-Headers “DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,IF-Modified-Since,Catche-Control,C$
Header always set Access-Control-Allow-Credentials true
Even added following code in index.php still not working
// Allow from any origin
if (isset($_SERVER[‘HTTP_ORIGIN’])) {
// should do a check here to match $_SERVER[‘HTTP_ORIGIN’] to a
// whitelist of safe domains
header(“Access-Control-Allow-Origin: {$_SERVER[‘HTTP_ORIGIN’]}”);
header(‘Access-Control-Allow-Credentials: true’);
header(‘Access-Control-Max-Age: 86400’); // cache for 1 day
}
// Access-Control headers are received during OPTIONS requests
if ($_SERVER[‘REQUEST_METHOD’] == ‘OPTIONS’) {
if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']))
header("Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS");
if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']))
header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");
}