Title: WP-CORS Author: tstephenson Published: 5 octobre 2014 Last modified: 28 juillet 2023 --- Recherche d’extensions Cette extension **n’a pas été testée avec plus de trois mises à jour majeures de WordPress**. Elle peut ne plus être maintenue ou supportée et peut avoir des problèmes de compatibilité lorsqu’elle est utilisée avec des versions de WordPress plus récentes. ![](https://s.w.org/plugins/geopattern-icon/wp-cors.svg) # WP-CORS Par [tstephenson](https://profiles.wordpress.org/tstephenson/) [Télécharger](https://downloads.wordpress.org/plugin/wp-cors.0.2.2.zip) * [Détails](https://fr.wordpress.org/plugins/wp-cors/#description) * [Avis](https://fr.wordpress.org/plugins/wp-cors/#reviews) * [Installation](https://fr.wordpress.org/plugins/wp-cors/#installation) * [Développement](https://fr.wordpress.org/plugins/wp-cors/#developers) [Support](https://wordpress.org/support/plugin/wp-cors/) ## Description My use case is to allow content authors to write help pages in WordPress. This content is fetched and embedded into a single page application hosted on another domain. AJAX requests to this site from another are typically disallowed by the browser’s security model. To permit legitimate uses the requesting browser may include an Origin header containing its domain. This plugin uses the Origin header to decide whether to allow the request or not. Allowed domains can be specified in the plugin’s Settings page. ## Captures d’écrans * [[ * The plugin’s Settings page. ## Installation This section describes how to install the plugin and get it working. 1. Upload the uncompressed contents of `wp-cors.zip` to the `/wp-content/plugins/` directory 2. Activate the plugin through the ‘Plugins’ menu in WordPress ## FAQ ### Why do I need this plugin? If you want to integrate content from your site to JavaScript applications running on other host domains (or allow other people to) then the CORS standard is a way to allow this. ### What is the difference between CORS and JSONP? CORS is more modern and more secure since it works _with_ the browser’s same-origin policy and XmlHttpRequest objects rather than bypassing them. ### Ok I’m sold, where can I read more about CORS? You can find the CORS spec here: http://www.w3.org/TR/cors/ You can learn more about how to use CORS here: http://www.html5rocks.com/en/tutorials/cors/ ### How do I control which sites can integrate using CORS? This plugin’s Settings page allows administrators to specify a comma separated list of allowed domains. ## Avis ![](https://secure.gravatar.com/avatar/50c101f4d9be877802d44713e653b7ee3306990c73a8daa836608bfa2bf2dcba? s=60&d=retro&r=g) ### 󠀁[Doesn’t work](https://wordpress.org/support/topic/doesnt-work-2425/)󠁿 [angeljs](https://profiles.wordpress.org/angeljs/) 28 mai 2020 Doesn’t work at all ![](https://secure.gravatar.com/avatar/fc79b304fae938687630ff147878c33fc258d96d9d2a6da6e0dc2bcad7e002ea? s=60&d=retro&r=g) ### 󠀁[wp cores… allow access to this site using the CORS standard for authorizing cr](https://wordpress.org/support/topic/wp-cores-allow-access-to-this-site-using-the-cors-standard-for-authorizing-cr/)󠁿 [nileshtaylor](https://profiles.wordpress.org/nileshtaylor/) 30 juillet 2018 its not working for me.. my website yet giving error cores origin error. [ Lire les 3 avis ](https://wordpress.org/support/plugin/wp-cors/reviews/) ## Contributeurs/contributrices & développeurs/développeuses « WP-CORS » est un logiciel libre. Les personnes suivantes ont contribué à cette extension. Contributeurs * [ tstephenson ](https://profiles.wordpress.org/tstephenson/) [Traduisez « WP-CORS » dans votre langue.](https://translate.wordpress.org/projects/wp-plugins/wp-cors) ### Le développement vous intéresse ? [Parcourir le code](https://plugins.trac.wordpress.org/browser/wp-cors/), consulter le [SVN dépôt](https://plugins.svn.wordpress.org/wp-cors/), ou s’inscrire au [journal de développement](https://plugins.trac.wordpress.org/log/wp-cors/) par [RSS](https://plugins.trac.wordpress.org/log/wp-cors/?limit=100&mode=stop_on_copy&format=rss). ## Journal des modifications #### 0.2.2 Tested up to WordPress 6.2.2 Prevent cross-site script injection on Settings page( CVE-2022-47606). Note this vulnerability may only be exploited if the user is already logged in with Admin privilege. #### 0.2.1 Tested up to WordPress 4.3 Minor fixes to avoid 404 on (unnecessary) files. #### 0.2.0 Publish on WordPress.org. #### 0.1.1 Stop debugging statements flooding the error log. #### 0.1.0 Initial proof of concept. ## Méta * Version **0.2.2** * Dernière mise à jour **il y a 3 ans** * Installations actives **1 000+** * Version de WordPress ** 3.6 ou plus ** * Testé jusqu’à **6.2.9** * Langue * [English (US)](https://wordpress.org/plugins/wp-cors/) * Étiquettes * [ajax](https://fr.wordpress.org/plugins/tags/ajax/)[cors](https://fr.wordpress.org/plugins/tags/cors/) [rest](https://fr.wordpress.org/plugins/tags/rest/) * [Vue avancée](https://fr.wordpress.org/plugins/wp-cors/advanced/) ## Évaluations 2.3 sur 5 étoiles. * [ 1 avis à 5 étoile ](https://wordpress.org/support/plugin/wp-cors/reviews/?filter=5) * [ 0 avis à 4 étoile ](https://wordpress.org/support/plugin/wp-cors/reviews/?filter=4) * [ 0 avis à 3 étoile ](https://wordpress.org/support/plugin/wp-cors/reviews/?filter=3) * [ 0 avis à 2 étoile ](https://wordpress.org/support/plugin/wp-cors/reviews/?filter=2) * [ 2 avis à 1 étoiles ](https://wordpress.org/support/plugin/wp-cors/reviews/?filter=1) [Your review](https://wordpress.org/support/plugin/wp-cors/reviews/#new-post) [Voir tous les avis](https://wordpress.org/support/plugin/wp-cors/reviews/) ## Contributeurs * [ tstephenson ](https://profiles.wordpress.org/tstephenson/) ## Support Quelque chose à dire ? Besoin d’aide ? [Voir le forum de support](https://wordpress.org/support/plugin/wp-cors/)