Open gour opened 3 years ago
YES.
backend/classes/sensitivesettings.php
, change :
public $allowedDomains = array (
// '*.example.com',
// '*.example.org',
// '*.example.net'
);
TO:
public $allowedDomains = array (
'www.site0.com',
'www.site1.com'
);
www.site0.com
and www.site1.com
.YES.
1. deploy HashOver on comments.example.com
When I tried to do that, I get CORS problem:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://hashover.tld.com/backend/comments-ajax.php. (Reason: CORS header ‘Access-Control-Allow-Origin’ does not match ‘http://demo.tld.com’).
iow. I tried to deploy HashOver at https://hashover.tld.com
to serve comments for the https://demo.tld.com
site?
I also wonder about the possibility to manage all comments from the single place in regard to #284?
@gour What do you have in the $allowedDomains
setting? You should only have the domain name. If you are running HashOver on hashover.tld.com
the setting should contain the domain demo.tld.com
. Alternatively, you can use a wildcard, like *.tld.com
, this way it will work from any subdomain. Also, you may have to use the same scheme on both websites. Your error says "http://demo.tld.com" not "https://demo.tld.com", if you are using HTTPS on demo.tld.com
you may also have to use HTTPS on hashover.tld.com
. Check to make sure you are doing so.
As for managing all comments from a single page, the situation is the same as my response in that issue, it isn't implemented. The current plan is to add a page that uses the Latest Comments API to display the 10 most recent comments from all pages, from there a structural change to how comments are stored may be required in order to display more comments. The moderation needs to be improved altogether, but for now I don't have the time to give proper consideration to a better implementation.
@gour What do you have in the
$allowedDomains
setting?
I've wildcard *.tld.com
and using HTTPS everywhere?
As for managing all comments from a single page, the situation is the same as my response in that issue, it isn't implemented.
OK.
@gour Is $supportsMultisites
also set to true
?
@gour Is
$supportsMultisites
also set totrue
?
I've changed it to true
, but still get:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://hashover.tld.com/backend/comments-ajax.php. (Reason: CORS header ‘Access-Control-Allow-Origin’ does not match ‘http://demo.tld.com’).
and I'm puzzled why it does complain about http://demo.tld.com
since it is supposed to serve via HTTPS only?
Edit: Let me add that the setup where I run Hashover is kind of semi-share hosting where Apache is running behing Ngix acting as reverse proxy, if that does matter for some reason.
@gour
Edit: Let me add that the setup where I run Hashover is kind of semi-share hosting where Apache is running behing Ngix acting as reverse proxy, if that does matter for some reason.
This may matter, yes. I actually already have code to handle this, or at least it should, but I haven't seen anyone need it. So, I will commit that code now, please test it. I think this is just a matter of HTTPS not being detected properly because of the proxy.
Hello,
I'm looking for a commenting engine to serve my Hugo-generated static websites. I like that HashOver is written in PHP since I anyway have to use PHP on the server for Matomo analytics, but wonder if single instance of HashOver can serve comments in multiple site?