I have three sub-domains namely, a.xyz.com, b.xyz.com, c.xyz.com. Now, I have about 20 ajax request to be made on body onload of a.xyz.com.

So, I thought of distributing 20 requests equally among the three domains above. I tried it through this piece of snippet in .htaccess of b.xyz.com and c.xyz.com. However, the request from a.xyz.com to any other sub-domain is still getting dumped.

<IfModule mod_headers.c>
   <FilesMatch "\.(php)$">
    Header set Access-Control-Allow-Origin: http://a.xyz.com,http://b.xyz.com,http://b.xyz.com
    Header set Access-Control-Allow-Methods : POST,GET,OPTIONS
</FilesMatch>
  </IfModule>

I have placed the above .htaccess file in my subdomains b.xyz.com and c.xyz.com.

So, can anyone predict whats wrong in my approach ?

Thanks !

Try this to allow cross domain on all xyz.com subdomains:

SetEnvIf Origin "http(s)?://(.+\.)?(xyz\.com)$" ORIGIN_DOMAIN=$0
<FilesMatch "\.(php)$">
  <IfModule mod_headers.c>
    Header set Access-Control-Allow-Origin %{ORIGIN_DOMAIN}e env=ORIGIN_DOMAIN
    Header set Access-Control-Allow-Methods "POST,GET,OPTIONS"
  </IfModule>
</FilesMatch>