I have a wordpress site and I am getting an error from my godaddy seal. I have the html for the verify image in a widget section of the footer of my site.
When I reload the page and check firebug I am getting this error in the console.
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://seal.godaddy.com/setSealAttr?sealID=ID#. This can be fixed by moving the resource to the same domain or enabling CORS.
I have tried to look up information on this issue and it's a bit over my head. Can anyone fill me in on what is throwing this error and how I might go about fixing the issue? I am just trying to understand how this error happens. Is it a conflict issue with jquery somewhere, or is it the way the seal is being loaded or perhaps the time it is being loaded?
Any help would be greatly appreciated.
I had a similar issue using the glyphicons-haflings-regular.woff fonts that came with bootstrap ver3. After adjusting the css to place the font-family declaration before any and all tag declarations my problem went away
We can fix the problem by placing base tag on our html.
Look at Same Origin Policy. Regarding
and the fact you are using wordpress, you can create a proxy very easy like this :
proxy.php :
Then you want to call a resource outside the domain, as with AJAX, use proxy.php to fake that you are trying access the resource from the same domain. Like :
Here the result is expected to be JSON, but just change header / datatype to HTML, XML or whatever if needed.
Update : @Jason raises an interesting point about security. I totally agree. Under normal circumstances one could prevent remote access to files by
.htaccess
and a<Files>
directive :...but this is not satisfactory, since it will prevent using
proxy.php
in AJAX calls as well. A solution is to check ifproxy.php
is called by another script :This will allow using proxy.php in javascript AJAX calls, but prevent direct access from remote (or locally). See this answer for more about
$_SERVER['HTTP_X_REQUESTED_WITH']
andXMLHttpRequest
.Use headers for solve cross domain error: