php – CORS Headers Access-Control-Allow-Origin

I’m trying to get data from Instagram with jQuery.

jQuery.ajax({
    url:"https://www.instagram.com/page?__a=1",
    success:function(data){
         console.log(data)
    }
});

This yields:

Access to XMLHttpRequest at ‘https://www.instagram.com/page?__a=1’
from origin ‘https://www.test.com’ has been blocked by CORS policy: No
‘Access-Control-Allow-Origin’ header is present on the requested
resource.

I’ve tried adding literally everything to functions.php, header.php and .htaccess that’s been mentioned anywhere, and nothing works. Also tried installing plugins that should allegedly solve this.

When I run the javascript snippet in an Electron app I get data just fine, so I’m thinking it’s not Instagram (and every other endpoint I’ve tried) that’s blocking access.

So what do I have to do to fix this?

Here’s what I currently have:

functions.php

function add_cors_http_header(){
    header("Access-Control-Allow-Origin: *");
}
add_action('init','add_cors_http_header');
header("Access-Control-Allow-Origin: *");


add_action( 'rest_api_init', function () {
    add_action( 'rest_pre_serve_request', function () {
        header( 'Access-Control-Allow-Headers: Authorization, Content-Type, X-WP-Wpml-Language', true );
        header("Access-Control-Allow-Origin: *");
    } );
}, 15 );

add_filter( 'wp_headers', 'send_cors_headers', 11, 1 );
function send_cors_headers( $headers ) {
    $headers('Access-Control-Allow-Origin') = $_SERVER( 'HTTP_ORIGIN' );
    return $headers;
}

add_filter( 'allowed_http_origins', 'add_allowed_origins' );
function add_allowed_origins( $origins ) {
    $origins() = 'https://instagram.com';
    $origins() = 'https://www.instagram.com/page';
    return $origins;
}

function just_add_cors_http_header($headers){

    $headers('Access-Control-Allow-Origin') = '*';

    return $headers;

}
add_action('wp_headers','just_add_cors_http_header');

header.php

<?php header("Access-Control-Allow-Origin: *"); ?>

.htaccess

<IfModule mod_headers.c>
  <FilesMatch ".(ttf|ttc|otf|eot|woff|woff2|font.css|css|js)$">
    Header set Access-Control-Allow-Origin "*"
  </FilesMatch>
</IfModule>


<ifmodule mod_headers.c="">
   SetEnvIf Origin "^(.*.instagram.com)$" ORIGIN_SUB_DOMAIN=$1
   Header set Access-Control-Allow-Origin "%{ORIGIN_SUB_DOMAIN}e" env=ORIGIN_SUB_DOMAIN
   Header set Access-Control-Allow-Methods: "*"
   Header set Access-Control-Allow-Headers: "Origin, X-Requested-With, Content-Type, Accept, Authorization"
</ifmodule>