You need to sign in to do that
Don't have an account?
(GS0 org) Action function from a managed package, XMLHttpRequest origin not allowed access problem
An action function call in a managed package throws in a custom VFP because the request and origin are not from the same domain.
XMLHttpRequest cannot load https://c.gus.visual.force.com/apex/PageName?id=PageId&isdtp=vw. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://gs0.salesforce.com' is therefore not allowed access.
This is the error I receive and when I check the request that was sent, I can see that the
RequestUrl : https://c.gus.visual.force.com/apex/...
Origin : https://gs0.salesforce.com
So of course it is not allowed access, but the question is why is my VFP action function origin not in the same domain as the target?
I have tried whitelisting c.gus.visual.force.com, gs0.salesforce.com, also added it to remote sites, added them to CORS...
I am at a loss right now.
I have two leads that I cannot really follow:
1. https://developer.salesforce.com/forums/?id=906F0000000Awi5IAC -> says that there is an internal setting that allows VF content to be served from the Salesforce.com domain. That it may be on for my org and that I do not want that because that's what causing my request to come from gs0.salesforce.com instead of c.gus.force.com
2. http://salesforce.stackexchange.com/questions/51193/xmlhttprequest-cannot-load-no-access-control-allow-origin-is-present -> This one seems to have the same problem, back in '14 and no resolve in sight.
I should note that the exact same code, with exact same managed package works in both a dev org and another org, just not on our orgs that are on gs0.
Any help would be appreciated. Thanks!