As homepage I'm using SimplePortal standalone mode. On this homepage menus are missing icons (for dropdowns).
Chrome shows me this error:
Font from origin 'http://forum.elkarte.pl' has been blocked from loading by Cross-Origin Resource Sharing policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://elkarte.pl' is therefore not allowed access.
This is issue with SP or Elk? How can be solved?
Don't know if SSI page will have the same issue, because menu added with ssi_menubar(); is missing CSS, don't know why ::)
Try going in admin > configuration > security > general
And set the "Frame Security Options" to "Allow Same Origin".
I have this set up like this from the beginning
Try disabled then?
Ahh.... sorry, I didn't realize I was looking at SP standalone.
Yes, apparently the standalone file needs a call to frameOptionsHeader and probably securityOptionsHeader.
@Spuds that's for ya! :P
/me has to update its SP repo...
Set the headers should be something "delayed" (i.e. add everything to an array and sent all of them at once), it may be one of the things to do in 1.1.
I tried every option - no success.
Sorry, I was wrong, actually those two functions are needed in SSI.php I think...
So an SSI bug ?
It should be verified.
@phantom could you try adding frameOptionsHeader and securityOptionsHeader to SSI... I'd say somewhere around
here (https://github.com/elkarte/Elkarte/blob/master/SSI.php#L184)? Thanks!
still no luck :|
Okay, I did a quick search on google and found:
https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/sU138vJ_PI0
apparently it's something to set on the font header.
Again a quick google search I found:
http://enable-cors.org/server_apache.html
Yay! It works :D
I found earlier that second page, but tried only php/HTML code (http://enable-cors.org/server_php.html ), now I added one line in .htaccess and it works great :)
Cool!