Hi there,
I started to write a solution to provide a website on HTTPS once the user whether logs on signs in the system.
Login and "Join Us" are links within the header that trigger a popup with forms to whether log in or sign up. I wrote those as the html tag "href" as javascript calls that do an ajax request to the page https://www.natopia.com/experiences/joinow
Join us
function joinow(id){
alert("HELLO");
var actionHandler = "https://www.natopia.com/experiences/joinow";;
$.ajax({
type: "POST",
url: actionHandler,
data: "id="+id,
dataType: "json",
beforeSend: function(msg)
{
},
success: function(response){
alert("RESPNSE");
}
});
The problem lays on JS variable actionHandler. It must be https to call login/sign always on HTTPS but that causes a javascript error "Cross-Origing Request Blocked"
"Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://www.natopia.com/experiences/joinow. This can be fixed by moving the resource to the same domain or enabling CORS."
The goal is to include a ajax request to an HTTPS page on a HTTP page.
So, the form will be in HTTPS and if the user logs or signs in he will be on HTTPS forever.
Would CURL be the solution for it?
What would be be best approach to it?
