Solved

CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

  • 29 October 2021
  • 4 replies
  • 5097 views
C
Rank
Badge +2

Hello,

 

Using the legacy form and I’m having some trouble with CORS. I receive the following error message in the console: 

Access to XMLHttpRequest at 'https://manage.kmail-lists.com/subscriptions/subscribe' from origin 'https://mydomain.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Here’s my form tag: 

<form action="//manage.kmail-lists.com/subscriptions/subscribe" data-ajax-submit="//manage.kmail-lists.com/ajax/subscriptions/subscribe" method="GET" target="_blank" data-form-email="" novalidate="">

I’ve also added the necessary JavaScript file in my header (per the legacy form docs):

<script type="text/javascript" src="//www.klaviyo.com/media/js/public/klaviyo_subscribe.js"></script>

And have even added this to my .htaccess file: 

#Begin Klaviyo CORS
Header set Access-Control-Allow-Origin 'https://manage.kmail-lists.com'
Header set Access-Control-Allow-Source-Origin 'https://mydomain.com'
#End Klaviyo CORS

But, to no avail, it simply does not work as the post request is blocked. 

I’ve also double checked to ensure the headers module is in fact enabled in apache. 

 

Anything I’m doing wrong?

icon

Best answer by David To 29 October 2021, 20:54

View original

4 replies

David To
Rank
Userlevel 7
Badge +60

Hello @Carnivore Jack Web Team,

Thanks for sharing your question with the Klaviyo Community!

Do you happen to be running this code from your local machine/local environment? From my experience you’ll need to run this code from a public HTTPS site for the code to work. Some Community post that touch upon this can be found below:

I hope this helps!

David

C
Rank
Badge +2

Hi David,

 

This site is sitting on a public facing server that uses HTTPS. 
 

in my post I changed my domain to a generic domain in the header code etc. 

David To
Rank
Userlevel 7
Badge +60

Hey @Carnivore Jack Web Team,

On a closer looks, it looks like the error seems to be calling out https://manage.kmail-lists.com/subscriptions/subscribe. I may suggest using https://manage.kmail-lists.com/ajax/subscriptions/subscribe instead. Therefore, rather than the form tag you are currently using:

<form action="//manage.kmail-lists.com/subscriptions/subscribe" data-ajax-submit="//manage.kmail-lists.com/ajax/subscriptions/subscribe" method="GET" target="_blank" data-form-email="" novalidate="">

I would recommend the following:

<form action="//manage.kmail-lists.com/ajax/subscriptions/subscribe" method="POST" target="_blank" data-form-email="" novalidate="">

David

C
Rank
Badge +2

Whoops! No idea how I missed that… thanks for pointing that out. 

 

This worked like a charm. 

Reply


Most helpful members this week

Terms & ConditionsCookie settings

Links & Resources

Platforms

Partners

Useful Things

About

  • Terms and Privacy
    © 2024 Klaviyo All rights reserved. Klaviyo and the Klaviyo logo are trademarks or registered trademarks of Klaviyo, Inc. or its affiliates.