Proper way to enable CORS

I’d like to enable CORS for a vhost; I see that there is a xdomain_request variable, but I have no idea how to use it.
How can I enable CORS for a vhost?

Thanks in advance


BTW I see this:
Header add Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin

but it should be:
Header set Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin

since only 1 such header is allowed.

You can customize the vhosts via vhost-gen configuration as described here: