External Pages CORS error

Dear @epss ,

Thank you for reaching out to us regarding the CORS (Cross-Origin Resource Sharing) error you encountered.I’m here to help you resolve this issue.

Upon reviewing the information you provided, it seems that you have taken the right steps to enable CORS. However, the error suggests that there might be a misconfiguration or a missing piece in the setup. Let’s explore a few potential solutions to address the problem:

• Verify the Correct Domain:
  Please ensure that the domain you specified in the .htaccess file matches the actual domain of your external site. In your case, you have set the Access-Control-Allow-Origin header to “https://coutcomes.org”. Make sure this is the correct domain and that there are no typos or inconsistencies.

• Include the HTTP Method:
  To allow CORS requests, it’s essential to include the appropriate Access-Control-Allow-Methods header. Please make sure that you have added the following line to your .htaccess file, inside the “” block:

Header set Access-Control-Allow-Methods "GET, POST, OPTIONS"

Including the “OPTIONS” method is crucial as it handles preflight requests.

• Confirm Mod_headers Module:
  Ensure that the mod_headers module is enabled on your server. You can check this by contacting your hosting provider or checking your server configuration.

• Check Hosting Restrictions:
  Some hosting providers impose restrictions on CORS configuration. It’s worth reaching out to your hosting support team to confirm that there are no limitations or additional steps required to enable CORS on your server.

• Debugging Tools:
  To further investigate the issue, you can use browser developer tools to examine the network requests and responses. Look for any specific error messages related to CORS in the console or network tabs. These details can provide additional insights into the problem.

If the issue persists after applying these suggestions, please provide me with the following information to assist you better:

• The URL of your external site where you are attempting to integrate SlimStat.
• The specific error messages or warnings you see in the browser’s developer console or network tabs.
• Any additional details or steps you have taken that might be relevant to the issue.

With the above information, we’ll be able to investigate further and provide you with a more accurate solution.

Thank you for your patience and cooperation in resolving this matter. We’re committed to ensuring a seamless integration experience, and I’m confident that we’ll find a resolution together.

Best regards,

Reza

Thanks for your help.

• I have verified that the correct domain is in the access-control-allow-origin
• I have added the Header set Access-Control-Allow-Methods “GET, POST, OPTIONS” to the .htaccess on the Slimstat site
• Via developer tools, I have confirmed that the headers on the admin-ajax.php contain these headers

In the network tab of developer tools the second call to admin-ajax.php is over http not https. I don’t know if that makes a difference or not.

The url of the single page that it is installed on is https://coutcomes.org/visual/demo

The error code in the console is

OPTIONS
https://coutcomes.net/wp-admin/admin-ajax.php

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://coutcomes.net/wp-admin/admin-ajax.php. (Reason: CORS preflight response did not succeed). Status code: 403.

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://coutcomes.net/wp-admin/admin-ajax.php. (Reason: CORS request did not succeed). Status code: (null).