Hamburger menu broken because of CORS error

  • Resolved toddulus

    (@toddulus)


    5 months ago

    Hamburger menu is not working for me in 6.5.5. Checking browser console I see it’s because these WordPress includes are being blocked by CORS policy.
    /wp-includes/blocks/navigation/view.min.js
    /wp-includes/js/dist/interactivity.min.js
    Other file includes on the website are not having the same problem.
    I have a feeling this is a problem with the CORS policy setting on the host env (GoDaddy), but I am interested if anyone has seen this before, or has a fix.

    The page I need help with: [log in to see the link]

Viewing 6 replies - 1 through 6 (of 6 total)
  • rodicaelena

    (@rodicaelena)

    Hi,

    Yes, that doesn’t seam to be related to the theme (I’ve also tested this on my side), it’s possibly related to some site-specific settings.

    Hope you find a solution.

    Kind regards,

    Rodica

    Thread Starter toddulus

    (@toddulus)

    I got it working. Had to change .htaccess. AS I suspected it was related to GoDaddy config – somehow. I have a working theory that this relates to GoDaddy config and the April upgrade to WordPress 6.5
    Still can’t figure out why it wasn’t a problem for other local javascript files.
    I should point out this issue occured on many themes, not just Raft

    Thread Starter toddulus

    (@toddulus)

    Thanks @rodicaelena

    ais100

    (@ais100)

    @toddulus, I have the same problem with my site on GoDaddy. Care to explain what changes you made to the .htaccess file and the GoDaddy config?

    Thank you

    Thread Starter toddulus

    (@toddulus)

    @ais100 Yep no worries. There is probably a more elegant solution, but this worked for me for now. Also this is a GoDaddy error, so GoDaddy should fix it, but in the meantime…

    Edit file top section of .htaccess file to include this header:
    Header set Access-Control-Allow-Origin “*”

    e.g:

    # BEGIN GD-SSL
    <IfModule mod_rewrite.c>
    ...
    Header add Strict-Transport-Security "max-age=300"
    Header always set Content-Security-Policy "upgrade-insecure-requests"
    Header set Access-Control-Allow-Origin "*"
    </IfModule>
    # END GD-SSL

    For the change to be applied, clear your site’s cache in the Go Daddy console.

    Go carefully when editing this file. I suggest creating a backup of the file before editing it.

    ais100

    (@ais100)

    I appreciate your help, thank you.

Viewing 6 replies - 1 through 6 (of 6 total)
  • You must be logged in to reply to this topic.