CORS policy: No 'Access-Control-Allow-Origin' header is present


The problem/error I’m currently unable to fix is the following:

Access to XMLHttpRequest at '' from origin '' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

In my netlify.toml file I’ve configured the following, and yes, I can see it in the response:

for = "/*"
Access-Control-Allow-Origin = "*"

Anyone knows a solution, even since I can still see the header in the response?

edit: In case it would be asked by an engineer, site ID: 899fab00-217e-425c-901e-e731f90ae452



Nothing to do with the Access-Control-Allow-Origin header on your domain. It is there domain that does not have the header allowing your domain to access it.

@jasiqli thanks, that could make sense. I’ll have to ask the client to check their configuration then.