My “Access-Control-Allow-Origin” header is not working in my .htaccess?
While I was trying to get information from the "https://api.steampowered.com" API I was getting the error
Access to XMLHttpRequest at 'https://api.steampowered.com/ISteamUserStats/GetUserStatsForGame/v0002/?appid=730&key=<<MyKEY>>&steamid=<<MySteamID>>' from origin 'https://example.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Then I set the AllowOverride to all in my apache2.confand added the header Header set Access-Control-Allow-Origin "https://api.steampowered.com" to my .htaccess located in /var/www/html.
(I also tryed it with Header set Access-Control-Allow-Origin "*")
I enabled the a2enmod headers with a2enmod headers after that I restarted my webserver with /etc/init.d/apache2 restart.
But it still doesn't work.
My .htaccess:
Header set Access-Control-Allow-Origin "*"
My apache2.conf:
<Directory />
Options FollowSymLinks
AllowOverride None
Require all denied
</Directory>
<Directory /usr/share>
AllowOverride None
Require all granted
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride all
Require all granted
</Directory>
My javascript code:
$(document).ready(function () {
$.getJSON('https://api.steampowered.com/ISteamUserStats/GetUserStatsForGame/v0002/?appid=730&key=<<MyKEY>>&steamid=<<MySteamID>>', function (data) {
//My code with the data
});
});
Maybe I need to put the header elsewhere?
javascript cors apache2
asked Jan 19 at 11:33
nextRoundnextRound
12
add a comment |
While I was trying to get information from the "https://api.steampowered.com" API I was getting the error
Access to XMLHttpRequest at 'https://api.steampowered.com/ISteamUserStats/GetUserStatsForGame/v0002/?appid=730&key=<<MyKEY>>&steamid=<<MySteamID>>' from origin 'https://example.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Then I set the AllowOverride to all in my apache2.confand added the header Header set Access-Control-Allow-Origin "https://api.steampowered.com" to my .htaccess located in /var/www/html.
(I also tryed it with Header set Access-Control-Allow-Origin "*")
I enabled the a2enmod headers with a2enmod headers after that I restarted my webserver with /etc/init.d/apache2 restart.
But it still doesn't work.
My .htaccess:
Header set Access-Control-Allow-Origin "*"
My apache2.conf:
<Directory />
Options FollowSymLinks
AllowOverride None
Require all denied
</Directory>
<Directory /usr/share>
AllowOverride None
Require all granted
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride all
Require all granted
</Directory>
My javascript code:
$(document).ready(function () {
$.getJSON('https://api.steampowered.com/ISteamUserStats/GetUserStatsForGame/v0002/?appid=730&key=<<MyKEY>>&steamid=<<MySteamID>>', function (data) {
//My code with the data
});
});
Maybe I need to put the header elsewhere?
javascript cors apache2
asked Jan 19 at 11:33
nextRoundnextRound
12
add a comment |
While I was trying to get information from the "https://api.steampowered.com" API I was getting the error
Access to XMLHttpRequest at 'https://api.steampowered.com/ISteamUserStats/GetUserStatsForGame/v0002/?appid=730&key=<<MyKEY>>&steamid=<<MySteamID>>' from origin 'https://example.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Then I set the AllowOverride to all in my apache2.confand added the header Header set Access-Control-Allow-Origin "https://api.steampowered.com" to my .htaccess located in /var/www/html.
(I also tryed it with Header set Access-Control-Allow-Origin "*")
I enabled the a2enmod headers with a2enmod headers after that I restarted my webserver with /etc/init.d/apache2 restart.
But it still doesn't work.
My .htaccess:
Header set Access-Control-Allow-Origin "*"
My apache2.conf:
<Directory />
Options FollowSymLinks
AllowOverride None
Require all denied
</Directory>
<Directory /usr/share>
AllowOverride None
Require all granted
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride all
Require all granted
</Directory>
My javascript code:
$(document).ready(function () {
$.getJSON('https://api.steampowered.com/ISteamUserStats/GetUserStatsForGame/v0002/?appid=730&key=<<MyKEY>>&steamid=<<MySteamID>>', function (data) {
//My code with the data
});
});
Maybe I need to put the header elsewhere?
javascript cors apache2
asked Jan 19 at 11:33
nextRoundnextRound
12
While I was trying to get information from the "https://api.steampowered.com" API I was getting the error
Access to XMLHttpRequest at 'https://api.steampowered.com/ISteamUserStats/GetUserStatsForGame/v0002/?appid=730&key=<<MyKEY>>&steamid=<<MySteamID>>' from origin 'https://example.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Then I set the AllowOverride to all in my apache2.confand added the header Header set Access-Control-Allow-Origin "https://api.steampowered.com" to my .htaccess located in /var/www/html.
(I also tryed it with Header set Access-Control-Allow-Origin "*")
I enabled the a2enmod headers with a2enmod headers after that I restarted my webserver with /etc/init.d/apache2 restart.
But it still doesn't work.
My .htaccess:
Header set Access-Control-Allow-Origin "*"
My apache2.conf:
<Directory />
Options FollowSymLinks
AllowOverride None
Require all denied
</Directory>
<Directory /usr/share>
AllowOverride None
Require all granted
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride all
Require all granted
</Directory>
My javascript code:
$(document).ready(function () {
$.getJSON('https://api.steampowered.com/ISteamUserStats/GetUserStatsForGame/v0002/?appid=730&key=<<MyKEY>>&steamid=<<MySteamID>>', function (data) {
//My code with the data
});
});
Maybe I need to put the header elsewhere?
javascript cors apache2
javascript cors apache2
asked Jan 19 at 11:33
nextRoundnextRound
12
asked Jan 19 at 11:33
nextRoundnextRound
12
asked Jan 19 at 11:33
nextRoundnextRound
12
asked Jan 19 at 11:33
nextRoundnextRound
12
asked Jan 19 at 11:33
nextRoundnextRound
12
12
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
You have a webpage, https://example.com/ which includes some JavaScript.
That JavaScript wants to read data from https://api.steampowered.com/.
To do this, https://api.steampowered.com/ needs to give permission to https://example.com.
You have configured https://example.com to grant permission to all websites to read data from it.
You haven't configured https://api.steampowered.com/ to grant permission to anyone. (At least I assume you don't work for Steam).
answered Jan 19 at 11:51
QuentinQuentin
645k718741041
Thank you! Good to know that :)
– nextRound
Jan 19 at 12:23
add a comment |
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f54266642%2fmy-access-control-allow-origin-header-is-not-working-in-my-htaccess%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
You have a webpage, https://example.com/ which includes some JavaScript.
That JavaScript wants to read data from https://api.steampowered.com/.
To do this, https://api.steampowered.com/ needs to give permission to https://example.com.
You have configured https://example.com to grant permission to all websites to read data from it.
You haven't configured https://api.steampowered.com/ to grant permission to anyone. (At least I assume you don't work for Steam).
answered Jan 19 at 11:51
QuentinQuentin
645k718741041
Thank you! Good to know that :)
– nextRound
Jan 19 at 12:23
add a comment |
You have a webpage, https://example.com/ which includes some JavaScript.
That JavaScript wants to read data from https://api.steampowered.com/.
To do this, https://api.steampowered.com/ needs to give permission to https://example.com.
You have configured https://example.com to grant permission to all websites to read data from it.
You haven't configured https://api.steampowered.com/ to grant permission to anyone. (At least I assume you don't work for Steam).
answered Jan 19 at 11:51
QuentinQuentin
645k718741041
Thank you! Good to know that :)
– nextRound
Jan 19 at 12:23
add a comment |
You have a webpage, https://example.com/ which includes some JavaScript.
That JavaScript wants to read data from https://api.steampowered.com/.
To do this, https://api.steampowered.com/ needs to give permission to https://example.com.
You have configured https://example.com to grant permission to all websites to read data from it.
You haven't configured https://api.steampowered.com/ to grant permission to anyone. (At least I assume you don't work for Steam).
answered Jan 19 at 11:51
QuentinQuentin
645k718741041
You have a webpage, https://example.com/ which includes some JavaScript.
That JavaScript wants to read data from https://api.steampowered.com/.
To do this, https://api.steampowered.com/ needs to give permission to https://example.com.
You have configured https://example.com to grant permission to all websites to read data from it.
You haven't configured https://api.steampowered.com/ to grant permission to anyone. (At least I assume you don't work for Steam).
answered Jan 19 at 11:51
QuentinQuentin
645k718741041
answered Jan 19 at 11:51
QuentinQuentin
645k718741041
answered Jan 19 at 11:51
QuentinQuentin
645k718741041
answered Jan 19 at 11:51
QuentinQuentin
645k718741041
645k718741041
Thank you! Good to know that :)
– nextRound
Jan 19 at 12:23
add a comment |
Thank you! Good to know that :)
– nextRound
Jan 19 at 12:23
Thank you! Good to know that :)
– nextRound
Jan 19 at 12:23
Thank you! Good to know that :)
– nextRound
Jan 19 at 12:23
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f54266642%2fmy-access-control-allow-origin-header-is-not-working-in-my-htaccess%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
