{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 你好瞎i 的问题《Cross-Origin Request Blocked: The Same Origin Poli》','https://www.manongdao.com/q-99441.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I'm using CometChat in my website and recently my users art having this problem with receiving messages. After inspection in FireBug i realized it must be because of the CORS protection (due to the following error) that the script is failing.
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://x3.chatforyoursite.com/subscribe/... This can be fixed by moving the resource to the same domain or enabling CORS.
Now I'm wondering where should I enable CORS because it is enabled on my own server and I have no access to the CometChat server.
The server at
x3.chatforyoursite.comneeds to output the following header:Access-Control-Allow-Origin: http://www.example.comWhere
http://www.example.comis your website address. You should check your settings onchatforyoursite.comto see if you can enable this - if not their technical support would probably be the best way to resolve this. However to answer your question, you need the remote site to allow your site to access AJAX responses client side.The use-case for CORS is simple. Imagine the site alice.com has some data that the site bob.com wants to access. This type of request traditionally wouldn’t be allowed under the browser’s same origin policy. However, by supporting CORS requests, alice.com can add a few special response headers that allows bob.com to access the data. In order to understand it well, please visit this nice tutorial.. How to solve the issue of CORS
For simple GET request your can use a proxy server like https://bypasscors.herokuapp.com/