![[Pagely® Support] Help Center home page](http://theme.zdassets.com/theme_assets/32062/e20014c09402d0f441c5dc83b31c8af4417accbe.svg)
What Are Pagely's Default CORS Headers?
By default, Pagely adds CORS headers on ARES for webfonts such as "eot|otf|svg|ttc|ttf|woff2".
What If We Want To Add Additional CORS Headers?
Most cross-origin-resources should work out of the box.
If there are any security concerns about using the wildcard option, we suggest to look over the CORS documentation here and determine the best option for your site. If these do not alleviate your concerns, or you require additional assistance. please contact support to discuss the matter further.
Modifying CORS Headers for WordPress REST API Requests
The default CORS headers when accessing the WordPress REST API can be modified using a bit of custom code on your site.
For more information on modifying CORS headers when using the REST API, see the following:
- rest_send_cors_headers function in WordPress
- Access Control Headers For The WordPress REST API by Josh Pollock
- Plugin example for setting custom CORS headers on REST API GET requests
- Plugin example for setting custom CORS headers on all REST API requests