Static.cdn.prismic.io Cross Origin Resource Policy

samkilgus · September 14, 2023, 8:35pm

Hello!

I am working on a project that utilizes javascript's SharedArrayBuffer functionality. This requires setting the following headers:

Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin

It seems that there is no Cross-Origin-Resource-Policy: cross-origin on any of the responses from static.cdn.prismic.io. This is causing an error to be logged to the console:

GET https://static.cdn.prismic.io/prismic.js?new=true&repo=<REPO_NAME> net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep 200

Is there anyway around this? Maybe I am doing something wrong on my end?

Thanks for any help!

Phil · September 15, 2023, 10:16am

Hi Samuel,

Welcome to the community!

Unfortunately, there is no way around this, I believe, as this is necessary to pass and receive the cookie data required to generate the previews.

Thanks.

Topic		Replies	Views
Access-Control-Allow-Origin: * in assets Developing with Prismic nuxtjs , javascript	2	364	August 1, 2023
CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource Developing with Prismic rest-api	3	1104	December 9, 2021
Access to fetch at 'https://...' has been blocked by CORS policy Developing with Prismic reactjs	11	4009	October 1, 2022
CORS Policy keeps blocking me Developing with Prismic nextjs	1	548	June 6, 2023
CSP (Content Security Policy) Developing with Prismic	7	876	March 7, 2022

Static.cdn.prismic.io Cross Origin Resource Policy

Related topics