What is the same-origin policy?
If your method for adding new participants is set to 'Automagically when someone submits a form on my site' and you have a Signup URL and/or Redirect URL set, or if you are adding participants programmatically via JavaScript Web API, please make sure that you are following the same-origin policy, or else referral tracking may not work consistently. This is because GrowSurf uses cookies for tracking, and there are limitations due to browser security.
Here are some examples if https://yoursite.com is your Share URL:
- CORRECT:
- Your Signup URL is https://app.yoursite.com/signup
- Your Redirect URL is https://yoursite.com/thank-you
- INCORRECT:
- Your Signup URL is https://anothersite.com/signup
- Your Redirect URL is https://yoursite-redirect.com
For more information and examples of the same-origin policy, please refer to this article.
NOTE: If you are using the GrowSurf REST API for referral tracking, the same-origin policy does not apply to you.