# Cross domain AJAX requests # **Security Warning** # Do not use this without understanding the concequences. # This will permit access from any other website. # add_header "Access-Control-Allow-Origin" "*"; # Instead of using this file, consider using a specific rule such as: # # Allow access based on [sub]domain: # add_header "Access-Control-Allow-Origin" "subdomain.example.com"; # OR # add_header "Access-Control-Allow-Origin" "*.example.com";