i read it and think i need to add some code to allow ..
This HTTP header allows an ads player on any origin to read the VAST response from the ad server origin. The value of Access-Control-Allow-Origin: should be the value of the Origin header sent with the ad request. The Access-Control-Allow-Credentials: header will ensure that cookies will be sent and received properly.
this is to make me able to show https// elements on a http// page with safari browser
so i know what i need to do (sort of) just don't know how to implement
sounds like we are the deer in the headlights when it comes to https and the future of sites with log in forms, how ever we already have some major issues as some browsers now see any https element displayed on a non https page as an error/threat
for example google ads on safari browser trigger console errors for pulling secured content and displaying on non secure pages
my question is can we pull some trickerys and stick the ads in some sort of ssl iframes?
how about our log in forms?
maybe the only solution is for everyone of us to move to https now before its too late?