Access to XMLHttpRequest at 'https://mysubdomain.zendesk.com/embeddable_blip?type=userAction&data=...'
from origin 'https://myapp.example.com' has been blocked by CORS policy:
No 'Access-Control-Allow-Origin' header is present on the requested resource.

accept-ranges: bytes
cf-cache-status: MISS
cf-ray: 63625c9469dc3fd2-YYZ
cf-request-id: 09115830c400003fd23f910000000001
content-length: 0
date: Fri, 26 Mar 2021 18:14:58 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WRm<omitted>%2FljL"}]}
server: cloudflare
set-cookie: __cfduid=<omitted>; expires=Sun, 25-Apr-21 18:14:57 GMT; path=/; domain=.mysubdomain.zendesk.com; HttpOnly; SameSite=Lax
set-cookie: __cfruid=<omitted>-1616782498; path=/; domain=.mysubdomain.zendesk.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
x-request-id: 592335c1552e7d897be45d4ddd358773
x-zendesk-zorg: yes

access-control-allow-origin: https://myapp.example.com
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: MISS
cf-ray: 63625c9469de3fd2-YYZ
cf-request-id: 09115830c400003fd26509d000000001
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 26 Mar 2021 18:14:58 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=<omitted>%2Bx1zxgSFLKM5pwp6y98d%2BM0d4WXt9qo%2F3mFRldZABR5HKh5UDI1GHyL1fNfQ"}]}
server: cloudflare
set-cookie: __cfduid=<omitted>; expires=Sun, 25-Apr-21 18:14:57 GMT; path=/; domain=.mysubdomain.zendesk.com; HttpOnly; SameSite=Lax
set-cookie: __cfruid=<omitted>; path=/; domain=.mysubdomain.zendesk.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding

• Robson Rosa de Almeida

  • 2021年03月29日 18:22

  Hi, I'm facing this same problem.

  The header is not being set in some responses and it causes errors. For example, users are not being able to download files shared by our support team through the Web Widget Chat.

• Anna Roussanova

  • 2021年04月15日 13:36

  Hi folks, the widget team was rolling out a new backend change that caused some requests to be missing the Access-Control-Allow-Origin header. The requests in question were duplicates, so there was no impact to the functionality in the widget, but you did end up getting those CORS errors in the console. The underlying issue has since been fixed, so you shouldn't see any more errors now.

• david sam

  • 2021年07月31日 12:40

  I think its a common every one facing. I am experiencing issues with headers not being set in some responses, which causes errors. Regard :Scissor Hub

• Eric Nelson

  • 2021年08月16日 15:05

  Zendesk Developer Advocacy

  Hey David,

  Are you still experiencing this issue?

  Have a wonderful day!

  Eric Nelson | Manager - Developer Advocacy

• Yanluis Ulloa

  • 2022年03月15日 21:15

  Seems like this issue is happening again? Thanks for the support, this is messing our RUM monitoring. 

  

• Cheeny Aban

  • 2022年03月16日 14:14

  Zendesk Customer Care

  Hi Yanluis, 
  
  I suggest that you check if the troubleshooting steps from How can I troubleshoot CORS? will work on your issue. If none, you may initiate a conversation with us so we can further check. 
  
• Caleb Pourchot

  • 2022年10月17日 15:31

  Not sure if I should open up another ticket, but this is happening to us on the embeddable_search widget. Attached are the error in the console and the request headers from the OPTIONS request. There is no Access-Control-Allow-Origin header being sent.

  

  

サインインしてコメントを残してください。