搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

Learn More

CORS error in Firefox incognito mode only

more options

Hi there, I am working on a site with Segment API and need to load their JS on my site for it to work. Whats happening is, I get the following error: "Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://api.segment.io/v1/p. (Reason: CORS request did not succeed). Status code: (null)."

The weird part is, it happens only in Firefox incognito mode. It works on Chrome, Edge, Opera.

I am wondering if this is by design or if it is a bug.

Firefox version 98.0 (64-bit).

Hi there, I am working on a site with Segment API and need to load their JS on my site for it to work. Whats happening is, I get the following error: "Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://api.segment.io/v1/p. (Reason: CORS request did not succeed). Status code: (null)." The weird part is, it happens only in Firefox incognito mode. It works on Chrome, Edge, Opera. I am wondering if this is by design or if it is a bug. Firefox version 98.0 (64-bit).

被采纳的解决方案

Is it a background request (fetch or XMLHttpRequest), or a regular script tag?

CORS background requests definitely require an Origin header. I wonder whether that is suppressed in private windows with some requests? You could inspect the headers in the Network panel of the Dev Tools. More info on that panel: https://developer.mozilla.org/docs/Tools/Network_Monitor

If it's a regular script tag, this could be due to Tracking Protection (by default, stricter in private windows) or an add-on that blocks analytics scripts. For Tracking Protection, click the shield icon at the left end of the address bar to check what is being blocked. With add-on blockers, the UI varies, but the toolbar button usually gives you an info panel.

定位到答案原位置 👍 0

所有回复 (2)

more options

选择的解决方案

Is it a background request (fetch or XMLHttpRequest), or a regular script tag?

CORS background requests definitely require an Origin header. I wonder whether that is suppressed in private windows with some requests? You could inspect the headers in the Network panel of the Dev Tools. More info on that panel: https://developer.mozilla.org/docs/Tools/Network_Monitor

If it's a regular script tag, this could be due to Tracking Protection (by default, stricter in private windows) or an add-on that blocks analytics scripts. For Tracking Protection, click the shield icon at the left end of the address bar to check what is being blocked. With add-on blockers, the UI varies, but the toolbar button usually gives you an info panel.

more options

Hi @jscher2000, thanks for the response.

Disabling the Enhanced Tracking Protection worked.