Access-Control-Allow-Origin / CORS question

Apologies if this is a dumb question, but is there a simple way to enable my static site to allow fetching of my index.json? I’m playing around with the idea of building a simple chrome extension that will go to the home page’s index.json, grab the index, and then allow you to search through the docs site from anywhere but I honestly don’t understand CORs. Some tutorials recommend .htaccess file – would that go in the /static folder or the root?

<IfModule mod_headers.c>
   Header set Access-Control-Allow-Origin "*"
 </IfModule>

Also, if there’s a better way to do this please let me know!

Also, I’m using Netlify to deploy if that matters.

NVM, I think I figured it out.

For anyone else, adding a netlify.toml file and providing this worked for me:

[[headers]]
  for = "/*"
    [headers.values]
    Access-Control-Allow-Origin = "*"
1 Like