Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

When hosted on a secure server, jQuery CORS policy won't allow access to insecure (i.e. HTTP rather than HTTPS) resources. #3

Open
jonoyuan opened this issue Feb 24, 2019 · 2 comments
Open

When hosted on a secure server, jQuery CORS policy won't allow access to insecure (i.e. HTTP rather than HTTPS) resources. #3

jonoyuan opened this issue Feb 24, 2019 · 2 comments

Comments

@jonoyuan
Copy link

jonoyuan commented Feb 24, 2019
edited
Loading

Edit: the issue is not with insecure resources, but with a missing permissions on the resource site.

For example, if you try to run an AJAX query on an insecure resource, you get the error below. Is there a workaround for this?

Access to XMLHttpRequest at 'resource' from origin 'host' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
@moradology
Copy link

There are a couple of workarounds.

  1. Copy the resource to a better location or get the permissions changed (CORS is a server-side concern)
  2. Use a server to proxy the resource - and thereby circumvent CORS. Here's a free proxy that you could use: https://corsproxy.github.io/

@jonoyuan
Copy link
Author

jonoyuan commented Mar 1, 2019

Thanks! That particular proxy is often down but I was able to find another one that works: https://cors-anywhere.herokuapp.com/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@moradology @jonoyuan