CORS Error with Omeka S IIIF Server Module

Overview

When distributing IIIF manifests using the Omeka S IIIF Server module, the following CORS error occurred in external viewers.

Access to fetch at 'https://xxx/iiif/2/09fd29d5-8497-4def-a64d-ca104284f90d/manifest' from origin 'https://universalviewer.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

This article introduces measures to address CORS errors in Omeka S.

Solution

https://github.com/Daniel-KM/Omeka-S-module-IiifServer?tab=readme-ov-file#cors-cross-origin-resource-sharing

The following was added.

SetEnv APPLICATION_ENV "production"
...
</FilesMatch>


Header setIfEmpty Access-Control-Allow-Origin "*"
Header setIfEmpty Access-Control-Allow-Headers "origin, x-requested-with, content-type"
Header setIfEmpty Access-Control-Allow-Methods "GET, POST"

This resolved the CORS issue.

Summary

I hope this is helpful when using the Omeka S IIIF Server module and similar tools.

Overview#

Solution#

Summary#

Overview

Solution

Summary