• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Same-Origin-Policy error with lightbox

XF has an integrated lightbox. I only add LbTrigger-Class and a data-href-Tag and the lightbox is working - great!
But I have one issue: I sometimes (its a feature for users) call my page via subdomain - then my browser prohibits lightbox to load and fires a same-origin-policy error:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://www.mydomain.com/misc/lightbox?&_xfRequestUri=%2F&_xfNoRedirect=1&_xfToken=xxx&_xfResponseType=json . This can be fixed by moving the resource to the same domain or enabling CORS.
Call http://www.mydomain.com/myaddon/123/view -> lightbox works
Call http://anysubdomain.mydomain.com/myaddon/123/view -> lightbox fires cross-origin request blocked

Any ideas?
Thanks, Harald