Access-Control-Allow-Origin errors when using Web Analytics

A couple of days ago, after the announcement about it, I set up Web Analytics on my personal website. It is at https://www.gyford.com and I’ve set the Hostname on dash.cloudflare.com to be www.gyford.com.

However, when I view a page on my website the browser console shows these errors:

I can’t see what I can tweak to fix this. Any ideas?

(I would have pasted the error text in, instead of using an image but this wouldn’t let me post more than two links, and it couldn’t the ones in the error messages.)

Sorry, @philgyford, I adjusted your account permissions so you won’t hit that limit again.

2 Likes

I’ve been poking at this again. I see in the documentation it says:

The hostname entered must match the website you add the JS Snippet to. If the hostname and website do not match, you will see a CORS (Cross Origin Resource-Sharing) error in the browser console. The error message will say that the origin “is not allowed by Access-Control-Allow-Origin.”

But the domains do match:

Screenshot 2020-12-15 at 14.59.19

Screenshot 2020-12-15 at 14.59.33

I don’t fully understand CORS-related stuff but I’ve tried setting my site so that https://static.cloudflareinsights.com and https://cloudflareinsights.com are both in Access-Control-Allow-Origin. I’ve tried setting Access-Control-Allow-Credentials to true.

Anyone with any other idea?

It turns out that Web Analytics requires your site to send a Referer header, which mine wasn’t – it’s built using Django which by default doesn’t send them cross-site.

So ensure that your site sends Referers. Analytics did require the full URL in the referer but that was apparently a bug and it now (or soon will?) only require the origin (i.e. the domain).

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.