Access to XMLHTTPRequest at <URL> from origin <URL>has been blocked by CORS policy
Article ID: CTX341564
Updated On:
Description
When navigating to load balanced VIP, 'Cannot Complete Your Request' is seen
.HAR file will show Access to XMLHTTPRequest at <URL> from origin <URL>has been blocked by CORS policy
Resolution
On each Storefront, navigate to IIS and then under Default Page's HTTP Response Headers (found in center pane), add the following:
Access-Control-Allow-Headers
Value: *
Access-Control-Allow-Origin
Value: <URL customer normally goes to>
Access-Control-Allow-Private-Network
Value: true
IISRESET must be performed on each Storefront server
Access-Control-Allow-Headers
Value: *
Access-Control-Allow-Origin
Value: <URL customer normally goes to>
Access-Control-Allow-Private-Network
Value: true
IISRESET must be performed on each Storefront server
Problem Cause
New browsers do not allow a wildcard auth header unless explicitly specified.
Was this article helpful?
Yes
No
Powered by
