Site 1- a magazine site using PayPlans for subscription content and a module named Flipbook Premium to display PDF files inside K2 articles.
The site has worked fine for years but as recently as this last chain of Joomla and component updates we get CORS errors. If a user follows a link to https://sitename.com/article the PDF never finishes loading and in the console we see this error pop up:
Code: Select all
Access to XMLHttpRequest at 'https://www.sitename.com/modules/mod_flipbookpremium/assets/js/libs/pdf.worker.min.js?ver=1.2.7' from origin 'https://sitename.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
We have never had this issue until recently.
Site 2- a virtuemart store site using the JoomlaPro One Page Checkout plugin and PayPal for payment processing
In this case we wanted to turn on a feature in VM's PayPal to allow us to accept PayPal Credit. Again, the site worked fine for years before, but when we turn on this credit option the one page checkout form starts throwing the same kind of CORS error:
Code: Select all
Access to XMLHttpRequest at 'https://www.paypal.com/cgi-bin/webscr?cmd=_express-checkout&token=EC-2E584443NW736744U' (redirected from 'https://storesite.com/index.php?option=com_virtuemart&view=cart&vmtask=updatecartaddress') from origin 'https://storesite.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.