Whitelisting domains for WordPress CORS

This quick tip will share some code for how you can whitelist domains in WordPress to allow for Cross Origin Request Sharing (CORS).

add_filter( 'allowed_http_origins', 'mytheme_add_origins' );
/**
 * Add origins for CORS
 */
function mytheme_add_origins( $origins ) {
    $origins[] = 'http://subdomain.mysite.com';
    $origins[] = 'http://someothersite.com';
    return $origins;
}

Thats it! Now, your site will allow any of the domains you added to hit your Ajax URLs without running into any Access-Control-Allow-Origin error responses.

Join the Conversation

2 Comments

Leave a comment

Your email address will not be published. Required fields are marked *