Local Community

Issues with CORS when overriding WP_HOME and WP_SITEURL to be live links URL which includes username:password@

Issue Summary

See How do i turn off un/pw for live links? - #4 by aubreypwd for some context.

If we aren’t going to have the username:password bit removed, I would like to at least like to use the method mentioned in that comment. But, when I do, you can see the site won’t work. If I remove the username:password@ bit it works, but then home_url(), etc does not have the username and password which does not allow some services like JetPack, webhooks, etc see my site as “live.”

Troubleshooting Questions

  • Does this happen for all sites in Local, or just one in particular?
    All; directly linked to live links.

  • Are you able to create a new, plain WordPress site in Local and access it in a Browser?
    Yes, but not using that method.


Setup a live link that requires a username and password, then add:

if ( isset( $_SERVER['HTTP_X_ORIGINAL_HOST'] ) && ! stristr( $_SERVER['HTTP_X_ORIGINAL_HOST'], 'affwp-dev.test' ) ) {
	define( 'WP_HOME', "https://username:password@{$_SERVER['HTTP_X_ORIGINAL_HOST']}" );
	define( 'WP_SITEURL', "https://username:password@{$_SERVER['HTTP_X_ORIGINAL_HOST']}" );

…to your wp-config.php and visit the live link and replace the username and password for your live link. At this point the home and siteurl in the DB is overridden, and the entire site should use the live link I setup to run everything, but it does not work and throws CORS errors.

System Details

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.