javascript - google+ sign in api, sending access tokens over http? -
hello unfortunately site working on has no ssl certificate or (kinda stupid nil can do). implementing google+ sign in on site , javascript working, access token , well.
the problem when comes time send info off server verification before signing user in, ok send access token on http or need ssl that. have tried getting cors work ajax maintain getting
"cross-origin request blocked: same origin policy disallows reading remote resource @ https://www.mysite.com/store/google_login. can fixed moving resource same domain or enabling cors."
it works on over http have no thought how working using https, keeps bringing same error.
i tried putting these headers @ origin of google_login function, tried .httaccess instead , still nothing.
header("access-control-allow-origin: https://www.mysite.com"); header("access-control-allow-headers: cache-control, x-csrf-token, x-requested-with, x-file-name, x-file-size"); so ideas on do? can utilize http, maybe somehow encrypt before sending it, uncertainty don't know else cors working, server has no ssl certificate way, problem? have no way prepare either unfortunately
javascript php ajax ssl cors
No comments:
Post a Comment