Hello! I have a Marketo landing page for a gated asset that works with a modal (lightbox) as TY page conditioned to whether the form submitter is a member or not. Members get a modal with the link to the downloadable and non-members get a modal with the link to the upgrade page. We've been using these for almost a year with no issues, and all of the sudden the modal only works one way, and even if you're a member eligible to download the asset, the non-member modal comes up asking to upgrade. This started happening like a week ago out of nowhere and can't seem to figure out the reason as everything looks OK with the settings and nothing has been updated on our end. Any ideas?
Many thanks!
Solved! Go to Solution.
The code that’s calling your “Consultants” API is extremely messy and has a bunch of race conditions.
But the direct cause is that this URL does not pass the CORS security check:
https://www.devex.com/api/public/consultants?email=<email address>
pages.devex.com calling www.devex.com is a cross-origin request. So www.devex.com needs to include the correct access-control-allow-origin header.
It’s not a Marketo restriction but a browser security rule (and a longstanding rule, not new).
Most likely, the people who manage your API forgot that it may legitimately be called cross-origin and locked it down by accident.
What is a “member”? Is that a field on the form?
And more generally we need to have a link to the page w/the form, not possible to troubleshoot just in our heads!
Thanks, Sanford! This is the page.
The membership level is not in the form; I guess it collects the form submitter's member level via API call from the email address used? Sorry, not entirely sure, not a developer myself :/.
Let me know if you need any additional details and thanks again!
The code that’s calling your “Consultants” API is extremely messy and has a bunch of race conditions.
But the direct cause is that this URL does not pass the CORS security check:
https://www.devex.com/api/public/consultants?email=<email address>
pages.devex.com calling www.devex.com is a cross-origin request. So www.devex.com needs to include the correct access-control-allow-origin header.
Thanks so much, Sanford. The strange part is that it stopped working all of the sudden. Do you happen to know if there have been recent changes to the requirement of the CORS security check on the Marketo side?
Thanks again!