RS policy:

Resolved northen
(@northen)

3 years, 1 month ago

Hi,

After the installation of the Plugin i have this CORS errors:

Access to script at ‘https://ml1k2mnipqvq.i.optimole.com/f:js/q:mauto/m:0/https://www.spaceloop.it/wp-content/plugins/all-in-one-seo-pack/dist/Lite/assets/seo-preview-993012e5.js?ver=4.3.5.1’ from origin ‘https://www.spaceloop.it’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

Access to script at ‘https://ml1k2mnipqvq.i.optimole.com/f:js/q:mauto/m:0/https://www.spaceloop.it/wp-content/plugins/all-in-one-seo-pack/dist/Lite/assets/app-a9b6443e.js?ver=4.3.5.1’ from origin ‘https://www.spaceloop.it’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

The page I need help with: [log in to see the link]

Viewing 5 replies - 1 through 5 (of 5 total)

Plugin Support Kush
(@kushnamdev)

3 years, 1 month ago
Hi @northen ,

Thank you for trying Optimole and contacting us!

The images are being blocked when used inside the canvas element of the plugin that you are using to customize the product since the images are being served from a different domain than the one where the canvas is being displayed. This is the default behavior of the canvas element in HTML. You can try to add this to your .htaccess
```
<IfModule mod_setenvif.c>
  <IfModule mod_headers.c>
    <FilesMatch "\.(bmp|cur|gif|ico|jpe?g|png|svgz?|webp)$">
      SetEnvIf Origin ":" IS_CORS
      Header set Access-Control-Allow-Origin "*" env=IS_CORS
    </FilesMatch>
  </IfModule>
</IfModule>
```
In short, this configures the server to allow graphic files (those with the extensions “.bmp”, “.cur”, “.gif”, “.ico”, “.jpg”, “.jpeg”, “.png”, “.svg”, “.svgz”, and “.webp”) to be accessed cross-origin from anywhere on the internet.

I hope this helps!
Thread Starter northen
(@northen)

3 years, 1 month ago
Hi @kushnamdev

The problem is a js of all-in-one plugin and not an image.

And this happens only if i’m logged!
- This reply was modified 3 years, 1 month ago by northen.
Plugin Support Kush
(@kushnamdev)

3 years, 1 month ago

Hey @northen

Did you try to add the code to the .htaccess file? if not can you please try and check if solves the issue? For most of the users, this code solves the issue even with js files.

Thank you!

Thread Starter northen
(@northen)

3 years, 1 month ago

Hi @kushnamdev

Yep, but doesn’t work.
Plugin Support Kush
(@kushnamdev)

3 years, 1 month ago
Hey @northen

Thank you for providing the error, it’s clear now. Your JavaScript is blocked by the website because of the strict content policy used on your WordPress instance.
There are two options here, you can disable this setting in Optimole – https://vertis.d.pr/i/OME2Kr and then your CSS/JS files won’t be served by Optimole.

The alternative (recommended) solution would be to allow serving files from 3rd party domains (like Optimole)
```
<IfModule mod_setenvif.c>
  <IfModule mod_headers.c>
    <FilesMatch "\.(bmp|cur|gif|js|ico|jpe?g|png|svgz?|webp)$">
      SetEnvIf Origin ":" IS_CORS
      Header set Access-Control-Allow-Origin "*" env=IS_CORS
    </FilesMatch>
  </IfModule>
</IfModule>
```
Sorry for any confusion, the previous code that I provided didn’t have js extension in the list that’s why it was not working. Can you try this code and let us know how it goes?

I hope this helps and if it doesn’t help please ask your hosting provider about allowing resources from external domains to be served on your website.

Viewing 5 replies - 1 through 5 (of 5 total)

The topic ‘RS policy:’ is closed to new replies.