Press "Enter" to skip to content

Whitelisting domains for WordPress CORS

This quick tip will share some code for how you can whitelist domains in WordPress to allow for Cross Origin Request Sharing (CORS).

add_filter( 'allowed_http_origins', 'mytheme_add_origins' );
/**
 * Add origins for CORS
 */
function mytheme_add_origins( $origins ) {
    $origins[] = 'http://subdomain.mysite.com';
    $origins[] = 'http://someothersite.com';
    return $origins;
}

Thats it! Now, your site will allow any of the domains you added to hit your Ajax URLs without running into any Access-Control-Allow-Origin error responses.

2 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *