I'm running a Wordpress Multisite. The first/main site is using the domain "mainsite.com" while the subsites severall different domains from "subsite.mainsite.com" to "subsite.com" or "subsite.differentsite.com". I've got some cross-origins error and wanted to set "Access-Control-Allow-Origin" but for other reasons I would like to only do this on the main site.
I tried to do it in PHP:
<?php if ($blog_id = 1) {
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, POST');
header('Access-Control-Allow-Headers: X-Requested-With, Origin, Content-Type, X-Auth-Token , Authorization');
} ?>
But that failes and no Access-Control-Allow-Origin was set. Next I tried to do this in the .htaccess:
<If "%{HTTP_HOST} == 'mainsite.com'">
Header set Access-Control-Allow-Origin *
</If>
That DOES set it but it also seems to be active for "subsite.com". Could anybody give me a pointer what I am doing wrong? These configurations are not my strong suit and any help would be great!
EDIT: I'm trying to use a form from a subsite on my main site using this code:
switch_to_blog($blogid);
Ninja_Forms()->display($formtoshow);
restore_current_blog();
I get the error when I'm trying to send the form:
CORS-Kopfzeile 'Access-Control-Allow-Origin' fehlt). Statuscode: 200.
I had it the wrong way around and
<If "%{HTTP_HOST} != 'mainsite.com'">
Header set Access-Control-Allow-Origin *
</If>
did the trick since the correct header as to come from the subsite.