No 'Access-Control-Allow-Origin' header is present on the requested resource

Question

No 'Access-Control-Allow-Origin' header is present on the requested resource

royzinn opened this issue 8 years ago · 4 comments

Hi,
Thanks for sharing this GEM.
I am trying to use the gem following this article https://medium.com/@parterburn/wordpress-inside-a-ruby-on-rails-app-c324fbf39ad8#.wjiweptf8 which is to setup a WP blog on '/blog' for Rails app.
Everything seems to be working fine except that the loaded page has access control issues: No 'Access-Control-Allow-Origin' header is present on the requested resource.
I set the response header from WP to allow access control (it has Access-Control-Allow-Origin:* in the response header. but the page still seems to block some content.
Anything you can suggest that may resolve it?
Thanks

Answer 1 · 2018-02-14T06:31:01.000Z

@royzinn were you able to solve this? I'm having the same/similar problem. The wordpress site under /blog loads fine, but some fonts don't load. The browser gives the following error: "has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource".

Answer 2 · 2018-02-14T07:30:58.000Z

Nico, you'll need to enable CORS headers on wordpress side. But be careful to only allow the domains you are running this ruby proxy on, otherwise you'll potentially open up a vulnerability. If you are not quite sure how to do that, ask on some wordpress forum, or find some wordpress developer who can do that. Kind regards, ~Oleksii

On Wed 14. Feb 2018 at 7:31 AM, ☺ Nico ***@***.***> wrote: @royzinn <https://github.com/royzinn> were you able to solve this? I'm having the same/similar problem. The wordpress site under /blog loads fine, but some fonts don't load. The browser gives the following error: "has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource". — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub <#35 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AAlLFrSsi6-F20vrYmaLyRDee0b6605pks5tUn2lgaJpZM4KBrI8> .

-- Oleksii Fedorov Software Engineer, Consultant, and Software Crafter, Adept of Depth in a world of Shallow, I care about software developers' productivity and software quality, Grab my Ultimate Tutorial: Getting Started With Kotlin: https://iwillteachyoukotlin.com

Answer 3 · 2018-02-15T11:41:41.000Z

@nicobrenner - sorry for the delayed response. I'm not sure what we did as we abandoned the WP option and went for something else. Look at the response above however, it might be helpful.

Roy

Answer 4 · 2018-02-16T21:10:35.000Z

@waterlink Thank you so much for the super quick and on point reply. Was able to solve it as you said, by adding CORS headers on the wordpress side. It was actually pretty simple with an .htaccess file, used this as a guide: https://stackoverflow.com/questions/1653308/access-control-allow-origin-multiple-origin-domains

@royzinn Thank you for the info. What option did you guys go for in the end?