Access-Control-Allow-Origin Policy error on a static site

Hello,

I am getting this error:

Access to XMLHttpRequest at ‘https://cdn.snipcart.com/themes/v3.7.3/l10n/en-US.json’ from origin ‘https://www.test.com’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

I have tried creating _headerrs and added this but didn’t work:

/*
Access-Control-Allow-Origin: *

I have also tried adding this to netlify.toml file but still didn’t work:

[[headers]]
for = “/"
[headers.values]
Access-Control-Allow-Origin = "

The netlify.toml and _headers are both located next to the index.html file. The site is a static site.

Please advise on how to fix it.

Thank you!

The reason neither worked is because they add the policy to the assets on your site and not on the asset you are trying to load from the other site.

The asset you are trying to load (https://cdn.snipcart.com/themes/v3.7.3/l10n/en-US.json) doesn’t exist as seen in the screenshot you provided.

I see. Let me try contacting snipcart. Thank you for your time.