Hi, I've been reading about CORS in all threads of the forum and from outside, but can find a solution.
so I have domain1 where I hosts all the files (krpano, xml, images)
in htaccess from domain1 I should add :
then in domain2 I have a index.html
Code
<script src="https://domain1.com/pano.js">
</script><div id="pano" style="width:100%;height:100%;"><script>
embedpano({
swf:"https://domain1.com/pano.swf",
xml:"https://domain1.com/pano.xml",
target:"pano"
});
</script>
</div>
and pano xml is :
Code
<krpano>
<security cors="use-credentials" />
<include url="skin/defaultskin.xml" />
<view hlookat="0" vlookat="0" maxpixelzoom="1.0" fovmax="150" limitview="auto" />
<preview url="a.tiles/preview.jpg" />
<image type="CUBE" multires="true" tilesize="512">
<level tiledimagewidth="640" tiledimageheight="640">
<cube url="a.tiles/%s/l1/%v/l1_%s_%v_%h.jpg" />
</level>
</image>
</krpano>
Alles anzeigen
So on this situation from domain2, the index.html is able to load krpano and the first xml (pano.xml) but not the second xml (defaultskin.xml) neither the images of the pano.
Anyone knows what am I missing ?
I've already been testing many different htaccess options like add instead of set or always set, or different kind of methods...
Code
Header add Access-Control-Max-Age 1728000
Header add Access-Control-Allow-Origin: http://domain1.com
Header add Access-Control-Allow-Methods: "GET,POST,OPTIONS,DELETE,PUT"
Header add Access-Control-Allow-Headers: "DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,C$
Header add Access-Control-Allow-Credentials true
Code
# Enable cross domain access control
SetEnvIf Origin "^http(s)?://(.+\.)?(domain1\.com|domain2\.net)$" REQUEST_ORIGIN=$0
Header always set Access-Control-Allow-Origin %{REQUEST_ORIGIN}e env=REQUEST_ORIGIN
Header always set Access-Control-Allow-Methods "GET, POST, PUT, DELETE"
Header always set Access-Control-Allow-Headers: Authorization
But I guess is more a basic CORS concept that I miss.
thanks in advance