Not working due to cross origin headers

I have a tricky problem I can’t figure out solution for that is stopping multisite theme manager from working. I am using cloudflare flexible SSL so I have my sites url using the www like “” but the actual site url is “” so subsites are “” and not “”.

Everything works fine but it seems that WordPress will forward the network admin panel to (without the www). This causes a problem because the plugin is trying to load scripts and work with the www domain so it wont work due to cross domain policy.

I have granted support access. To reproduce this error go to themes inside the network admin and then click “edit details” and try to add a new category. Look in javascript console and you will see the cross domain error.

I have tried to fix this by using a htaccess rule:

RewriteEngine On
RewriteCond %{HTTP_HOST} ^ [NC]
RewriteRule ^(.*)$$1 [L,R=301]

The problem with this is that when this rule is active, network level actions like creating a subsite dont work and I get the “are you sure you want to do this?” message because internally wordpress seems to want the domain to be

I also gave this rule a quick go:

<IfModule mod_headers.c>
<FilesMatch ".(php|js)$">
Header set Access-Control-Allow-Origin "*"

I know this is a bad idea but I wanted to see if it worked but I think my webhost doesn’t allow this as it didn’t change anything.

Getting everything working smoothly with cloudflare flexible SSL has been a bit of a pain but right now everything is working perfectly apart from plugins that effect the network admin page.

Any ideas on how to fix this?