CORS policy: No 'Access-Control-Allow-Origin' header is present

Hi,

The problem/error I’m currently unable to fix is the following:

Access to XMLHttpRequest at 'https://www.THEIRDOMAIN.com/Authentication' from origin 'https://www.MYDOMAIN.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

In my netlify.toml file I’ve configured the following, and yes, I can see it in the response:

[[headers]]
for = "/*"
[headers.values]
Access-Control-Allow-Origin = "*"

Anyone knows a solution, even since I can still see the header in the response?

edit: In case it would be asked by an engineer, site ID: 899fab00-217e-425c-901e-e731f90ae452

Gr,

Andy

Nothing to do with the Access-Control-Allow-Origin header on your domain. It is there domain that does not have the header allowing your domain to access it.

@jasiqli thanks, that could make sense. I’ll have to ask the client to check their configuration then.