Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

blocked request #25

Closed
serafinomb opened this issue Dec 13, 2013 · 10 comments
Closed

blocked request #25

serafinomb opened this issue Dec 13, 2013 · 10 comments

Comments

@serafinomb
Copy link

I think I've everything set up just right but I get this message:

xdomain (http://slave-url.com): blocked request from: 'http://master-url.com'

and on slave domain on load I get this:

xdomain (http://slave-url.com): slaves must be in an iframe

Have anyone any idea of what's causing the issue?
@serafinomb
Copy link
Author

Solved by adding this:

Header add Access-Control-Allow-Origin "*"
Header add Access-Control-Allow-Headers "origin, x-requested-with, content-type"
Header add Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS"

In the Slave .htaccess.

@jpillora
Copy link
Owner

Blocked means you've misconfugured it somehow

You haven't actually fixed it, you're just using cors now. You can use cors
if you like but you won't have easy IE support.

If you want to use XDomain, can you post your code? Script tags used?

On Saturday, December 14, 2013, blueowner wrote:

Solved by adding this:

Header add Access-Control-Allow-Origin "*"
Header add Access-Control-Allow-Headers "origin, x-requested-with,
content-type"
Header add Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS"

In the Slave .htaccess.


Reply to this email directly or view it on GitHubhttps://github.com//issues/25#issuecomment-30514243
.

@serafinomb
Copy link
Author

I've noticed an iframe in the master-site and no errors a few ago..
Tried to remove the .htaccess lines and indeed it's working fine with no errors.

I've used the same code shown in the Quick Usage.

@jpillora
Copy link
Owner

Okay good to hear. Yup the quick usage code should do it.

On Saturday, December 14, 2013, blueowner wrote:

I've noticed an iframe in the master-site and no errors a few ago..
Tried to remove the .htaccess lines and indeed it's working fine with no
errors.

I've used the same code shown in the Quick Usage.


Reply to this email directly or view it on GitHubhttps://github.com//issues/25#issuecomment-30525959
.

@pasupulaphani
Copy link

I'm now facing this error. How did you solve this exactly?

@pasupulaphani
Copy link

This worked for me:
proxy.html

<!doctype html>
<script src=" * path to script here * /xdomain.min.js" data-master="*"></script>

In index.html

<script src=" * path to script here * /xdomain.min.js"></script>
<script>
  xdomain.slaves({
    'http://www.example.co.uk': '/proxy.html'
  });
</script>

@c0mrade
Copy link

c0mrade commented Mar 22, 2015

Solution to this is very misleading. And I mean both by @BlueOwner and @pasupulaphani . Solution is to turn off the 'X-Frame-Options' header for the proxy.html

@pasupulaphani
Copy link

Thank you very much @c0mrade . I will try what u said and will edit my above comment.

@jpmckearin
Copy link

@c0mrade Can you elaborate on what you mean by "turn off" the X-Frame-Options header? Looking at the specs for X-Frame-Options state that the only options are DENY, SAMEORIGIN, and ALLOW-FROM uri. Could you follow up as well, @pasupulaphani

@c0mrade
Copy link

c0mrade commented Jun 17, 2015

means remove it

@zdenekhatak zdenekhatak mentioned this issue Nov 6, 2015
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@c0mrade @jpillora @pasupulaphani @serafinomb @jpmckearin