问题描述：

I want a clean way to enable CORS for my wordpress backend. Many posts suggest to just add the header to the api\'s code but editing the wordpress core is a no-go and wouldn\'t work for my setup anyway as I\'m using docker.

I\'ve tried writing a plugin like so:

add_filter( \'wp_headers\', array( \'send_cors_headers\' ), 11, 1 );
function send_cors_headers( $headers ) {
$headers[\'Access-Control-Allow-Origin\'] = \'*\';
return $headers;
}

But it just seems to do nothing at all, as I\'m still getting the following error:

Failed to load http://localhost/wp-json/wp/v2/posts: Request header field Access-Control-Allow-Origin is not allowed by Access-Control-Allow-Headers in preflight response.

图片转代码服务由CSDN问答提供

感谢您的意见，我们尽快改进~

功能建议

我想要一个干净的方法为我的wordpress后端启用CORS。 许多帖子建议只是将标题添加到api的代码中，但是编辑wordpress核心是不行的，因为我正在使用docker而无法进行我的设置。</ p>

I 我试过写一个这样的插件：</ p>

  add_filter（\'wp_headers\'，array（\'send_cors_headers\'），11,1）; 
function send_cors_headers（$ headers）{\\  n $ headers [\'Access-Control-Allow-Origin\'] =\'*\'; 
返回$ headers; 
} 
</ code> </ pre> 
但它似乎只是 什么也不做，因为我仍然收到以下错误：</ p> 
 无法加载http：// localhost / wp-json / wp / v2 / posts：请求标头 在预检响应中，Access-Control-Allow-Header不允许使用字段Access-Control-Allow-Origin。
</ code> </ pre> 
</ div> 
网友观点：
Your client-side JavaScript is attempting to set an Access-Control-Allow-Origin header on the request. 
This makes no sense since it is a response header, not a request header.
This is triggering a preflighted request, but your server-side code is only set up to handle simple requests.
Fix the client-side JS.