I'm using CometChat in my website and recently my users art having this problem with receiving messages. After inspection in FireBug i realized it must be because of the CORS protection (due to the following error) that the script is failing.
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://x3.chatforyoursite.com/subscribe/... This can be fixed by moving the resource to the same domain or enabling CORS.
Now I'm wondering where should I enable CORS because it is enabled on my own server and I have no access to the CometChat server.
This question is related to
ajax
cors
access-control
The server at x3.chatforyoursite.com needs to output the following header:
Access-Control-Allow-Origin: http://www.example.com
Where http://www.example.com is your website address. You should check your settings on chatforyoursite.com to see if you can enable this - if not their technical support would probably be the best way to resolve this. However to answer your question, you need the remote site to allow your site to access AJAX responses client side.
The use-case for CORS is simple. Imagine the site alice.com has some data that the site bob.com wants to access. This type of request traditionally wouldn’t be allowed under the browser’s same origin policy. However, by supporting CORS requests, alice.com can add a few special response headers that allows bob.com to access the data. In order to understand it well, please visit this nice tutorial.. How to solve the issue of CORS
Source: Stackoverflow.com