1.33.4 CORS

Whether CORS headers should be written can be defined in the following section:

<webapi>
    <cors enabled="false">*</cors>
</webapi>

This value is false by default because the CORS headers are usually written in the upstream Apache web server.

Only in a few scenarios, e.g. during local development, it is necessary to set the value to true at this point.

Last updated