I finally figured out how to get the dynamic content working on external Wordpress site (hint: CORS-settings)

Development
1

Hello,
After banging my head against the wall trying to figure out how to embed dynamic content on an external Wordpress site, the wall finally broke before my head did.

I have been trying to find information about this but documentation has been rather sparse, or outdated so i tought i’d make a little writeup of my findings in hopes it might be useful to someone;

Im running Mautic 4.0.1
The Wordpress site is sitting on a different domain
I am running the WP Mautic plugin in Woocommerce, i guess it is a requirement but i have not tried without it so i can’t be sure.

I created dynamic content using both the methods mentioned here, Dynamic Web Content (DWC) | Mautic , both filter-based and campaign-based, but i could not get them to show up on the Wordpress site.

Forms generated by Mautic did show up, though, which i found strange.

Always test in another browser, i do the admining in Chrome but i use Edge as a “user-test-platform”, reason being you cant be logged in to Mautic at the same time, it won’t work

After sifting through the whole of Google, i saw mentioning of CORS (Cross-Origin Resource Sharing).
I inspected the page and behold, CORS-errors that clearly stated that no access-control-allow-origin was present, my wordpress site was not whitelisted to request resources if i understand correctly what was going on.

cors1
cors11819×519 88.6 KB

So i entered this into the .htacess file on my Mautic installation;

Enable CORS

Header set Access-Control-Allow-Origin “https://pureest.se

Which did not work, because i left out a www;

cors2
cors21818×400 59.5 KB

Added www, and then got new exciting errors;

cors3
cors31811×445 69.9 KB

Added this line to the htacess;
Header set Access-Control-Allow-Credentials true
and got new errors;

cors4
cors41814×476 72.8 KB

Finally added this line to htaccess;
Header set Access-Control-Allow-Headers: “X-Requested-With”

And was greeted by this;

cors5
cors51819×495 31.2 KB

Htacess additions i did not need to use, but found during my travels, i don’t know what these do but someone else might?
Header set Access-Control-Allow-Methods": “GET,HEAD,OPTIONS,POST,PUT”,
Header set Access-Control-Allow-Headers: “Origin, X-Requested-With, Content-Type, Accept, Authorization”

Final shot of htaccess, green bits are commented out and not used;

htaccess
htaccess815×130 9.97 KB

I had never heard of a CORS and did not know whether it was a cheese or something you smoked before i ran into this, but I’m so glad i got it working! Hope this helps someone!

Cheers Carl

2 Likes
2

This is helpful for the community. Thank you.

3

Hi Carl, I have the following problem. I’ve created dynamic content on the homepage of my WordPress site, but when I search for it on Google (in private mode), the dynamic content doesn’t load by default. I have to hit F5 to refresh the page and then the content appears. Do you think this could be the source of the problem?