CORS header ‘Access-Control-Allow-Origin’ List multiple domains

The Access-Control-Allow-Origin response header indicates whether the response can be shared with requesting code from the given origin. More than one Access-Control-Allow-Origin header was sent by the server. This isn’t allowed.

The possible solution could be, If you have access to the server you can change your implementation to echo back an origin in the Access-Control-Allow-Origin header. You cannot send back a list of origins, because browsers only accept a value that is either a single origin or null

In my case, I am using php to access my database and i am getting the HTTP origin and then matches with the list of domains. If its matches, it will be assigned as the Access-Control-Allow-Origin header.

$HttpOrigin = $_SERVER['HTTP_ORIGIN'];

if ($HttpOrigin == "http://www.thiraseela.com" || $http_origin == "https://www.thiraseela.com" || $http_origin == "http://localhost:8080")
{  
    header("Access-Control-Allow-Origin: $HttpOrigin");
}