WordPress/Shopp Shipping Calculator/Options Access-Control-Allow-Origin Error

I’ve recently been debugging a customer’s WordPress/Shopp store. When the customer set the Cart & Checkout to be served over SSL  the shipping calculator failed.

Serving Cart / Checkout / My Account pages over SSL is not built into Shopp for some reason. I have a post on this –  SSL/HTTPS for Shopp pages or checkout process only. If you use a shipping calculator, or offer different shipping methods this will fail.

Selecting one of the checkboxes will cause a question mark to appear in the shipping and total boxes.

Chrome reports “Access-Control-Allow-Origin Error”

This is due to the checkboxes firing off an XMLRequestObject to /wp-admin/admin-ajax.php?action=shopp_ship_costs&method=xxxxxx
I bet that request goes out over HTTP from your HTTPS site. Thats a problem. Your browser will fail because its classed as a “Cross-site HTTP request”. See the Mozilla article for more information.

How do fix it? Its quite simple in WordPress, force your admin to be SSL. That way you get a HTTPS – > HTTPS request and the XMLRequest will succeed.

How to force your WP Admin to be SSL? You should probably do it anyway. If you’re not and running an eCommerce store, your WordPress username and password are sent in clear text over the Internet. Pants idea.

Simply add

define('FORCE_SSL_ADMIN', true);

to wp-config.php.

See this article on the WordPress Codex – Administration Over SSL

All’s good.

Author: Kieran Barnes

Kieran is a PHP developer with 15 years commercial experience. Specialist in WordPress, CakePHP, CubeCart and all things PHP.

Leave a Reply

Your email address will not be published. Required fields are marked *