Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at
I'm using CometChat in my website and recently my users art having this problem with receiving messages. After inspection in FireBug i realized it must be because of the CORS protection (due to the following error) that the script is failing.
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://x3.chatforyoursite.com/subscribe/... This can be fixed by moving the resource to the same domain or enabling CORS.
Now I'm wondering where should I enable CORS because it is enabled on my own server and I have no access to the CometChat server.
Answer
The server at x3.chatforyoursite.com needs to output the following header:
Access-Control-Allow-Origin: http://www.example.com
Where http://www.example.com is your website address. You should check your settings on chatforyoursite.com to see if you can enable this - if not their technical support would probably be the best way to resolve this. However to answer your question, you need the remote site to allow your site to access AJAX responses client side.