CORS Problem
Your REST Web API appears to disallow cross origin resource sharing (CORS) - I get the following error when attempting to read connections after a successful login from google:
XMLHttpRequest cannot load https://trisys.api.oneall.com/connections/52e82f21-ff7b-42ae-8f45-e3ec45e6a1aa.json?_=1452612544211. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://www.trisys.co.uk' is therefore not allowed access. The response had HTTP status code 405.
My settings allow access from *.trisys.co.uk
XMLHttpRequest cannot load https://trisys.api.oneall.com/connections/52e82f21-ff7b-42ae-8f45-e3ec45e6a1aa.json?_=1452612544211. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://www.trisys.co.uk' is therefore not allowed access. The response had HTTP status code 405.
My settings allow access from *.trisys.co.uk
Best Answer
Welcome!
Please sign in to your OneAll account to ask a new question or to contribute to the discussions.
Please click on the link below to connect to the forum with your OneAll account.
Information
Products & Services
Categories
- 2.2K All Categories
- 1.1K General
- 1.1K Questions
- 46 Suggestions
- 592 Implementation
- 10 Single Sign On
- 16 LoudVoice
- 658 Turnkey Plugins
- 42 Drupal
- 33 Joomla!
- 21 Magento
- 22 myBB
- 84 Opencart
- 125 phpBB
- 39 PrestaShop
- 31 Simple Machines Forum
- 9 Vanilla
- 17 vBulletin
- 8 WHMCS
- 221 WordPress
- 6 ZenCart
Answers
yes, this is indeed a better solution. The OneAll API Keys should never bee included in a JavaScript file, as these files are disclosed to your visitors.
Regards,