-
Notifications
You must be signed in to change notification settings - Fork 13
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cross origin domain error on requesting a login token #24
Comments
Are you maybe using some kind of HTTP proxy that modifies requests headers? Could you open the |
I'm using CloudFlare so that's entirely possible. I'll look into those headers later today. |
With CloudFlare, if you use HTTPS to contact CloudFlare, but have CloudFlare configured to talk to Heroku via plain HTTP it could perhaps cause such failure (haven't tested this though). |
I don't believe I can control how Cloudflare communicates to my origin. Can you think of any way to debug this? Thanks. |
You can control it: https://support.cloudflare.com/hc/en-us/articles/200170416-What-do-the-SSL-options-Off-Flexible-SSL-Full-SSL-Full-SSL-Strict-mean- |
Ah, good stuff. Yeah, I'm using the Flexible SSL which isn't encrypted to my server. Think that's what's causing issues? |
Yes, it can be, do you have a way to test the |
Not easily at the moment. The Flexible SSL kind of does exactly what I need and is a lot cheaper (ie. free) compared to a full SSL setup. I can certainly live with having to use the direct Heroku URL for now. |
When I try to use a non-Heroku domain I receive this error:
Failed to send the token to XYZ: Cross origin requests not allowed.
Even though this domain is listed in the "Allowed addresses" section.
The text was updated successfully, but these errors were encountered: