Plugins DatabasePlugins Database logo
Back to plugins
Homepage WordPress

Actions

DownloadAuthor pageSee on WordPress

Plugin info

Total downloads: 38,109
Active installs: 1,000
Total reviews: 3
Average rating: 2.3
Support threads opened: 0
Support threads resolved: 0 (0%)
Available in: 1 language(s)
Contributors: 1
Last updated: 7/28/2023 (887 days ago)
Added to WordPress: 10/5/2014 (11 years old)
Minimum WordPress version: 3.6
Tested up to WordPress version: 6.2.8
Minimum PHP version: f

Maintenance & Compatibility

Maintenance score

Possibly abandoned • Last updated 887 days ago • 3 reviews

22/100

Is WP-CORS abandoned?

Possibly abandoned (last update 887 days ago).

Compatibility

Requires WordPress: 3.6
Tested up to: 6.2.8
Requires PHP: f

Ratings

1
0
0
0
2See all reviews

Developers

tstephenson (Owner)1

Languages

Similar & Alternatives

Explore plugins with similar tags, and compare key metrics like downloads, ratings, updates, support, and WP/PHP compatibility.

LH Multisite CORS
Rating 3.7/5 (3 reviews)Active installs 300
Compare
Enable CORS
Rating 3.7/5 (3 reviews)Active installs 5,000
Compare
CoCart CORS Support
Rating 0.0/5 (0 reviews)Active installs 400
Compare
Enable CORS support
Rating 3.0/5 (2 reviews)Active installs 60
Compare
RSS CORS Enable
Rating 0.0/5 (0 reviews)Active installs 60
Compare
Boost site performance with Reverse Proxy
Rating 5.0/5 (1 reviews)Active installs 30
Compare
See more alternatives to WP-CORS

Description

My use case is to allow content authors to write help pages in WordPress.
This content is fetched and embedded into a single page application hosted on another domain.

AJAX requests to this site from another are typically disallowed by the browser’s security model.
To permit legitimate uses the requesting browser may include an Origin header containing its domain.
This plugin uses the Origin header to decide whether to allow the request or not.
Allowed domains can be specified in the plugin’s Settings page.

Installation

This section describes how to install the plugin and get it working.

  1. Upload the uncompressed contents of wp-cors.zip to the /wp-content/plugins/ directory
  2. Activate the plugin through the ‘Plugins’ menu in WordPress

Frequently Asked Questions

Why do I need this plugin?

If you want to integrate content from your site to JavaScript applications running on other host domains (or allow other people to) then the CORS standard is a way to allow this.

What is the difference between CORS and JSONP?

CORS is more modern and more secure since it works with the browser’s same-origin policy and XmlHttpRequest objects rather than bypassing them.

Ok I’m sold, where can I read more about CORS?

You can find the CORS spec here: http://www.w3.org/TR/cors/ You can learn more about how to use CORS here: http://www.html5rocks.com/en/tutorials/cors/

How do I control which sites can integrate using CORS?

This plugin’s Settings page allows administrators to specify a comma separated list of allowed domains.

Review feed

No reviews available

Screenshots

  1. The plugin's Settings page.

    The plugin's Settings page.

Changelog

0.2.2

Tested up to WordPress 6.2.2
Prevent cross-site script injection on Settings page (CVE-2022-47606).
Note this vulnerability may only be exploited if the user is already logged in with Admin privilege.

0.2.1

Tested up to WordPress 4.3
Minor fixes to avoid 404 on (unnecessary) files.

0.2.0

Publish on WordPress.org.

0.1.1

Stop debugging statements flooding the error log.

0.1.0

Initial proof of concept.

Back to plugins