Cross-origin resource sharing (CORS) is disabled by default in Drupal 8. In a self-hosted, Acquia Cloud Enterprise, or Acquia Cloud Professional, you would edit the
services.yml files within the site directory. In Acquia Cloud Site Factory you must use a factory hook to customize the
settings.php file. In this guide, we will show you how to enable CORS for Acquia Cloud Site Factory sites using Factory Hooks.
1: Check out a local copy of your site code
If you need help with this step, please check out Git best practices on Acquia Cloud Site Factory.
2: Create a services.yml file
/factory-hooks/post-settings-php/ directory, create a new
services.yml file. Copy the CORS-specific entries from the default.services.yml file into the new
services.yml file and modify to suit your needs. If you need help starting out, review examples found in the comments section of this page on drupal.org: Opt-in CORS support
3: Create the hook file
Files executed by the factory hooks must have a .php extension. Create a
services.php file in the same directory. Add these lines to the file:
<?php $settings['container_yamls'] = __DIR__ . '/services.yml';
Commit both files to your repository. After making these changes to your codebase, it is time to test in non-production.
More information about Acquia Cloud Site Factory Hooks can be found in our product guide: Hooks in Acquia Cloud Site Factory