- Home
- Categorie
- Coding e Sistemistica
- Help Center: consigli per il tuo progetto
- Cross-Origin Resource Sharing (CORS)
-
nessuno che mi dia una mano?
-
Ciao, nel dev tools per es. di Chrome, vedi l'header Access-Control-Allow-Origin nel response?
-
Inoltre e' mod headers abilitato?
-
ho questa risposta:
Failed to load resource: the server responded with a status of 404 (Not Found)
(index):1 Mixed Content: The page at 'https:...' was loaded over HTTPS, but requested an insecure stylesheet 'http:.../templates/jsn_one2_pro/css/font-awesome.css'. This request has been blocked; the content must be served over HTTPS.
jquery-migrate-3.0.0.min.js:2 JQMIGRATE: Migrate is installed, version 3.0.0
-
ti può aiutare?
dove controllo se mod headers è abilitato?
-
can you write in english?
-
this is error: Access to Font at 'https.... has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin '.....' is therefore not allowed access.
-
Can you take a screenshot of the dev tools so I can have a look? What is the resource that cannot be found? (404)
-
If you can share the URL I can have a look myself.
-
I cannot post www
-
the site is byaldino with .com
-
https
-
The website makes lots of HTTP requests and loads quite slowly for me (Finland). It took something like 20+ seconds to load the home page alone. It also loads/tries to load some resources from both the www and the naked domain and also from a mix of http and https, which causes some errors.
As for the CORS issue, the proper headers must be set for byaldino.r.worldssl.net if I am not mistaken. Which domain was that .htaccess from?
-
now I check it
-
this is my .htaccess
Header set Access-Control-Allow-Origin "*"
<IfModule mod_headers.c>
<FilesMatch "\.(ico|jpe?g|png|gif|swf|css|gz)$">
Header set Cache-Control "max-age=2592000, public"
</FilesMatch>
<FilesMatch "\.(js)$">
Header set Cache-Control "max-age=2592000, private"
</FilesMatch>
<filesMatch "\.(html|htm)$">
Header set Cache-Control "max-age=7200, public"
</filesMatch>
<FilesMatch ".(pl|php|cgi|spl|scgi|fcgi)$">
Header unset Cache-Control
</FilesMatch>
</IfModule>Added a rewrite to respond with a 200 SUCCESS on every OPTIONS request.
RewriteEngine On
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ $1 [R=200,L]@package Joomla
@copyright Copyright (C) 2005 - 2017 Open Source Matters. All rights reserved.
@license GNU General Public License version 2 or later; see LICENSE.txt
READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE!
The line 'Options +FollowSymLinks' may cause problems with some server configurations.
It is required for the use of mod_rewrite, but it may have already been set by your
server administrator in a way that disallows changing it in this .htaccess file.
If using it causes your site to produce an error, comment it out (add # to the
beginning of the line), reload your site in your browser and test your sef urls. If
they work, then it has been set by your server administrator and you do not need to
set it here.
No directory listings
<IfModule autoindex>
IndexIgnore *
</IfModule>Can be commented out if causes errors, see notes above.
Options +FollowSymlinks
Options -IndexesMod_rewrite in use.
RewriteEngine On
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"
</IfModule>RewriteCond %{REQUEST_FILENAME} -s
RewriteCond %{REQUEST_FILENAME} -l
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.$ - [NC,L]
RewriteRule ^.$ index.php [NC,L]Begin - Rewrite rules to block out some common exploits.
If you experience problems on your site then comment out the operations listed
below by adding a # to the beginning of the line.
This attempts to block the most common type of exploit
attemptson Joomla!Block any script trying to base64_encode data within the URL.
RewriteCond %{QUERY_STRING} base64_encode[^(]([^)])
Block any script that includes a <script> tag in URL.
RewriteCond %{QUERY_STRING} (<|%3C)([^s]s)+cript.(>|%3E) [NC,OR]
Block any script trying to set a PHP GLOBALS variable via URL.
RewriteCond %{QUERY_STRING} GLOBALS(=|[|%[0-9A-Z]{0,2})
Block any script trying to modify a _REQUEST variable via URL.
RewriteCond %{QUERY_STRING} _REQUEST(=|[|%[0-9A-Z]{0,2})
Return 403 Forbidden header and show the content of the root home page
RewriteRule .* index.php
End - Rewrite rules to block out some common exploits.
Begin - Custom redirects
If you need to redirect some pages, or set a canonical non-www to
www redirect (or vice versa), place that code here. Ensure those
redirects use the correct RewriteRule syntax and the [R=301,L] flags.
End - Custom redirects
Uncomment the following line if your webserver's URL
is not directly related to physical file paths.
Update Your Joomla! Directory (just / for root).
RewriteBase /
Begin - Joomla! core SEF Section.
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
If the requested path and file is not /index.php and the request
has not already been internally rewritten to the index.php script
RewriteCond %{REQUEST_URI} !^/index.php
and the requested path and file doesn't directly match a physical file
RewriteCond %{REQUEST_FILENAME} !-f
and the requested path and file doesn't directly match a physical folder
RewriteCond %{REQUEST_FILENAME} !-d
internally rewrite the request to the index.php script
RewriteRule .* index.php
End - Joomla! core SEF Section.
-
Is that the .htaccess for byaldino.r.worldssl.net?
-
Hold on, just realised you use the CDN for that domain. You should configure the headers in the CDN resource for this to work. Do you have access to these settings?
-
yes - I do
-
ok, I try - thanks for now