I recently switched my site to use HTTPS. I am using Laravel as a php framework. At the beginning I had an issue where I would get a 'Origin null is not allowed by Access-Control-Allow-Origin.' error, but then I had fixed that by using this in my filters.php:
App::before(function($request)
{
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Methods: GET, POST, OPTIONS");
});
The is the ajax request:
$.ajax({
type: 'GET',
url: '/media/search/',
data: { 'q':search_string },
success: function(d) { }
});
Now instead of the Cross Origin error I am getting a redirect to my login page instead of the content that should be loaded. I think it has something to do with the CSRF token implementation that Laravel has, but I am not sure of the route I should take to either add that token to the request or how I could fix it. Anyone have any suggestions?
EDIT:
If I don't have those header functions in my filter.php I get this error:
XMLHttpRequest cannot load http://website.com/media/search?&q=500. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://website.com' is therefore not allowed access.
After this I had proceeded to use this call instead:
$.ajax({
type: 'GET',
url: 'https://website.com/media/search/',
data: { 'q':search_string },
success: function(d) { }
});
but still no luck