CORS - Catching is not allowed by 'Access-Control-Allow-Origin' Error

Hi guys,

After digging a little, testing website here and there, here’s the problem:

Script from origin ‘link//embed.tawk.to’ has been blocked from loading by Cross-Origin Resource Sharing policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘mysite’ is therefore not allowed access. The response had HTTP status code 403. 00:04.215

XMLHttpRequest cannot load link/googleads.g.doubleclick.net/pagead/id.No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘https://www.youtube.com’ is therefore not allowed access. The response had HTTP status code 499.

As you can see, I believe that most of the page headers are coming from your CDN actually and that CORS might not be enabled, that’s why YouTube and Tawk.to EMBEDS aren’t allowed access. I mean everything is working well but google search console persistently shows these two errors. Notice that “access-control-allow-origin” is set to “*” which means that it should allow loading of external scripts!
So guys please, may you help me with this?

Here’s the proof link: https://search.google.com/test/mobile-friendly?hl=en&id=OTqJGDh8dzm0hy88eT-YOQ&view=fetch-info

King Regards,
NIck

Strictly speaking, Cloudflare is not a CDN. So any headers you require on your domain, you have to specify yourself on your server.

The second error message is irrelevant, as it means Google did not configure their own systems correctly. The first one, however, does refer to your site, but it would rather seem your site cant access that script because that script does not come with a proper CORS header, which does not seem to be the case. It might be that Google’s console complains about a non-issue here. The browser does not seem to complain about anything Tawk related.

1 Like

I thought at first that this is a Google mumbo jumbo and now everything is clear thanks to your guidance. So once again ,thanks a dozen for your help!!!

King Regards,
Nick