In the browser console, the log shows:
Mixed Content: The page at ‘https://www.mysite.com/wp-admin/post.php?post=56746&action=elementor’ was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint ‘https://www.mysite.com/wp-json/splitTestForElementor/v1/tests’. This request has been blocked; the content must be served over HTTPS.

In the Network tab, I see this information about the request:
Requested URL: https://www.mysite.com/wp-json/splitTestForElementor/v1/tests/

Response Header – Location: https://www.mysite.com/wp-json/splitTestForElementor/v1/tests

Any idea how to fix this error?

Access to XMLHttpRequest at ‘https://moderate.cleantalk.org/api2.0’ from origin ‘………’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

https://moderate.cleantalk.org/api2.0 Failed to load resource: net::ERR_FAILED

Any ideas on what is going on here? Thanks.

First of all, thank you for the great work you guys put into crafting this plugin.

Secondly, we have faced an issue when we started using this plugin on one of our websites that uses a reverse proxy which means the ajax requests will be going to a different domain.
We noticed that all ajax requests fired from frontend by ALM are failing due to a CORS Error because of a custom header that was sent with GET requests:
“Access to XMLHttpRequest at ‘https://’ from origin ‘https://’ has been blocked by CORS policy: Request header field x-requested-with is not allowed by Access-Control-Allow-Headers in preflight response.”

We noticed that the custom header “x-requested-with” was recently added in version 5.4.3.

Removing that header solved the problem.

We wanted to flag this issue in case anyone else faces it. Also, it would be great if a fix can be made to prevent this scenario from happening.

Thanks,
Alaa

The website is using HTTPS and I can’t see, even from scanning the database, where this HTTP request is set up or coming from.

To make matters worse I also get the same errors trying to access the plugin Admin menu “Instagram Feeds” so my only option is to delete the plugin and look for an alternative, which I’m reluctant to do.

I see the same errors in Chrome and

Any ideas?

Now when I try to update (save) a woocommerce product, I get the following error and can not update the post:

[Deprecation] Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user’s experience. For more help, check https://xhr.spec.whatwg.org/.

Screenshot: https://prnt.sc/unrp8e

However, if I try to delete the “disabled” class from the button html and then click the button again, the post updates normaly.
Screenshot: https://prnt.sc/unrqg8

I tried to Google for a solution and I kind of understand the error but I have no clue about how to fix it. As I said I can not afford any update for several reasons.

[Deprecation] Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user’s experience. For more help, check https://xhr.spec.whatwg.org/.

and then all 404 errors that seem to be instagram images

Please how to fix this?

came across your plugin and really liked what it does in comparison to others. However, the only 1 big advantages in your plugin didn’t work for me.

When i enable Asynchronously load JavaScript it blocked all my website content. error is:

Access to XMLHttpRequest at 'https://c0.wp.com/c/5.5/wp-includes/js/jquery/jquery.js' from origin 'website url' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

tried to exclude the page with no luck.

I used https://{any}.wp.com/{all}

Please assist

Error in processing request
Error text: TypeError: Object doesn’t support property or method ‘setRequestHEADer’ (rejected)
It seems that the connection to server has been lost. Please check your network connectivity and server status.

I also have a Concrete5 site running on the same server. When I access phpMyAdmin using that site’s URL (i.e., www.MyConcrete5Site.com), I have no issue, despite the fact that they point to the same code. I’ve already attempted to disable all plugins and revert to a released WordPress theme, and didn’t have much luck.

Any ideas? Is there a reason phpMyAdmin would behave fine from the C5 URL, but throw an XMLHttpRequest error when accessed from the URL hosting a WordPress site?

I love the plugin and currently have the free version.

Unfortunately, after the latest update, I’ve been getting stuck on a “loading” loop when trying to access the Calendar page. Here’s the error I’m getting:

Mixed Content: The page at '/wp-admin/edit.php?page=wp-scheduled-calendar-post' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint '/?rest_route=/wpscp/v1/future/post'. This request has been blocked; the content must be served over HTTPS.

Am I the only one with the issue? What can I do to solve it? Or is there a fix coming out soon?
Thank you!

I got a problem with this error:

Access to XMLHttpRequest at “ADRESS HERE” has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

Installed your plugin but not sure what I should activate to resolve the error.

I turned on: Access-Control-Allow-Origin, but same error.

Any suggestions?

thanks!