To Allow crossite calls via Ajax or for Fonts and so one, from specific subdomains:
<IfModule mod_headers.c> SetEnvIfNoCase Origin "https?://(www\.|sub1\.|sub2\.|sub3\.|sub4\.)?(ask-sheldon\.com)(:\d+)?$" AccessControlAllowOrigin=$0 Header set Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin Header set Access-Control-Allow-Credentials true </IfModule>
Or you can place a crossdomain.xml in your DocumentRoot (does not work everywhere)
<?xml version="1.0"?> <cross-domain-policy> <allow-access-from domain="*.ask-another-sheldon.com" /> <allow-access-from domain="*.ask-anothernother-sheldon.com" /> </cross-domain-policy>