Ahh, I think that's my problem. I am using Apache, but there is an nginx proxy 'in front' too. I'll try over on the forums for that system before troubling you again. Many thanks for all your help with this, and the whole project!
]]>location / {
https://doc.livehelperchat.com/docs/ngi … tion-tips/
If you are using apache make sure you use and do not send these headers for php files as they send themself it.
<Files ~ "\.(gif|jpe?g?|png|bmp|swf|css|js|svg|otf|eot|ttf|woff|woff2|swf|mp3|ogg|wasm|wav|pdf|ico|txt)$">
Header always Set Access-Control-Allow-Origin "*"
Header always Set Access-Control-Allow-Methods: "GET, POST, OPTIONS, PUT, DELETE"
Header always Set Access-Control-Allow-Headers: "Origin, X-Requested-With, Content-Type, Accept, API-Key, Authorization"
</Files>
In general just tweak your settings untill you get inly one cors related part in your responses.
]]>I'm also afraid that I am the hosting provider - I'm trying to get this to work for our customers.
I can see that the different resources all have different request headers. /design/defaulttheme/js/widgetv2/react.app.js, for example, does not have the 'Header always Set Access-Control-Allow-Origin "*"' request header, although it is in the .htaccess file in the root of the web server. If i simply load the root i do see the headers, and if I load /index.php/eng/widgetrestapi/onlinesettings I get the headers twice!
Header always Set Access-Control-Allow-Origin "*"
Header always Set Access-Control-Allow-Methods: "GET, POST, OPTIONS, PUT, DELETE"
Header always Set Access-Control-Allow-Headers: "Origin, X-Requested-With, Content-Type, Accept, API-Key, Authorization"
the issue is the same?
If yes are you sure you don't have some directive or extra Apache directive that block or set a different Origin directive?
I have:
AddType application/wasm .wasm
<Files ~ "\.(gif|jpe?g?|png|bmp|swf|css|js|svg|otf|eot|ttf|woff|woff2|swf|mp3|ogg|wasm|wav|pdf|ico|txt)$">
Header always Set Access-Control-Allow-Origin "*"
Header always Set Access-Control-Allow-Methods: "GET, POST, OPTIONS, PUT, DELETE"
Header always Set Access-Control-Allow-Headers: "Origin, X-Requested-With, Content-Type, Accept, API-Key, Authorization"
</Files>
in the .htaccess file that is in the root of my LHC server, which i got from github.com/LiveHelperChat/livehelperchat/blob/master/lhc_web/.htaccess
Thanks for your help with this
]]>To test that the .htaccess file on my LHC server is working, I added the following lines:
RewriteEngine On
Options +FollowSymLinks
RewriteRule ^test\.html http://www.google.com/? [R=301,L]
Now, whenever i visit help.bongoit.co.uk/test.html i get redirected to www.google.com. As far as I understand, this means my .htaccess file is working on my server.
Is there anything lese that can cause no headers in JS response?
Many thanks!
]]>Check this article: https://doc.livehelperchat.com/docs/int … her-domain
]]>I am getting the Cross-Origin Request Blocked error as I am using separate subdomains for LHC and my main website.
LHC is at help.bongoit.co.uk
My main website is at bongoit.co.uk
I am using the .htaccess file from github.com/LiveHelperChat/livehelperchat/blob/master/lhc_web/.htaccess on help.bongoit.co.uk/
In my browser console, i can see
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at help.bongoit.co.uk/design/defaulttheme/js/widgetv2/index.js?2020321. (Reason: CORS header 'Access-Control-Allow-Origin' missing).
I have:
Ubuntu 18.04.4
Apache 2.4.29
PHP 7.2.24
MySQL 5.7.29
Please can you help?
]]>