This section addresses security issues that most people can ignore. It is for advanced users that may have security concerns or who may have run into security issues with their MapsAlive tours.
MapsAlive automatically hosts your published tours at
https://tour.mapsalive.com which is a secure server with an SSL certificate. It supports Cross-Origin Resource Sharing (CORS) by sending an
access-control-allow-origin header when responding to an XMLHttp request. This allows a website hosted on your server to embed a tour on the MapsAlive server without getting a cross-origin error.
If any hotspots in your tour contain insecure content such as an
<img> tag that contains a URL that starts with
http instead of
https, the browser might not display the image because it won't allow the secure tour to load insecure content, or it might automatically convert
https which will trigger a 404 error if the server that hosts the image does not have an SSL certificate and thus cannot satisfy the
https request. If you don't see the hotspot's image, check the browser's Developer Console for warnings and errors. If for some reason you must use insecure content, you'll need to download your tour and host it on your own insecure server, but this is not recommended.