Live Helper Chat support forum.. Forum is locked. New place for questions - Github Discussions
You are not logged in.
- Topics: Active | Unanswered
Announcement
Pages: 1
#1 2018-03-12 21:52:50
- _trip
- Member
- Registered: 2018-03-12
- Posts: 2
Xss headers
I tried setting these in apache vhost.d file:
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow Credentials true
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, PUT, DELETE"
Header always set Access-Control-Max-Age "1000"
Header always set Access-Control-Allow-Headers "x-request-with, content-type, authorization, accept, client-security-token"
Header always set Var "Accept-Encoding, Origin"
But CORS is not working still. When trying to get contentWindow.document in javascript i receive "SecurityError: Premission denied to access property "document" on cross-origin object.
I'm using the widget embed code feature, and would like to set the username manually using the user from a site on the same server are livehelperchat.
Any help would be greatly appreciated.
Thank you 
Offline
#2 2018-03-12 21:54:58
- PeopleInside
- Administrator
- From: Italy
- Registered: 2014-04-10
- Posts: 4,046
- Website
Re: Xss headers
Hi _trip, welcome in the live help forum.
You are asking for server help, this is out of my free limited support scope.
You can try to look on the web or try to ask about server config issue on stackoverflow
PeopleInside - Live helper chat - free limited forum support!
For commercial support or GitHub [see FAQ here]
If you want to support this open source project, just donate [see support page] Something wrong with the forum? [contact a superhero]
Offline
#3 2018-03-15 19:55:24
- _trip
- Member
- Registered: 2018-03-12
- Posts: 2
Re: Xss headers
For anyone that may be interested, I used javascript's postMessage in one of the tpl files to get around the issue.
Offline
#4 2018-03-15 20:10:02
- PeopleInside
- Administrator
- From: Italy
- Registered: 2014-04-10
- Posts: 4,046
- Website
Re: Xss headers
Hi _trip,
thank you for the updates, happy to read you have resolved!
PeopleInside - Live helper chat - free limited forum support!
For commercial support or GitHub [see FAQ here]
If you want to support this open source project, just donate [see support page] Something wrong with the forum? [contact a superhero]
Offline
Pages: 1