This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Hierdie gesprek is in die argief. Vra asseblief 'n nuwe vraag as jy hulp nodig het.

CORS error in Firefox incognito mode only

more options

Hi there, I am working on a site with Segment API and need to load their JS on my site for it to work. Whats happening is, I get the following error: "Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://api.segment.io/v1/p. (Reason: CORS request did not succeed). Status code: (null)."

The weird part is, it happens only in Firefox incognito mode. It works on Chrome, Edge, Opera.

I am wondering if this is by design or if it is a bug.

Firefox version 98.0 (64-bit).

Hi there, I am working on a site with Segment API and need to load their JS on my site for it to work. Whats happening is, I get the following error: "Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://api.segment.io/v1/p. (Reason: CORS request did not succeed). Status code: (null)." The weird part is, it happens only in Firefox incognito mode. It works on Chrome, Edge, Opera. I am wondering if this is by design or if it is a bug. Firefox version 98.0 (64-bit).

Gekose oplossing

Is it a background request (fetch or XMLHttpRequest), or a regular script tag?

CORS background requests definitely require an Origin header. I wonder whether that is suppressed in private windows with some requests? You could inspect the headers in the Network panel of the Dev Tools. More info on that panel: https://developer.mozilla.org/docs/Tools/Network_Monitor

If it's a regular script tag, this could be due to Tracking Protection (by default, stricter in private windows) or an add-on that blocks analytics scripts. For Tracking Protection, click the shield icon at the left end of the address bar to check what is being blocked. With add-on blockers, the UI varies, but the toolbar button usually gives you an info panel.

Lees dié antwoord in konteks 👍 0

All Replies (2)

more options

Gekose oplossing

Is it a background request (fetch or XMLHttpRequest), or a regular script tag?

CORS background requests definitely require an Origin header. I wonder whether that is suppressed in private windows with some requests? You could inspect the headers in the Network panel of the Dev Tools. More info on that panel: https://developer.mozilla.org/docs/Tools/Network_Monitor

If it's a regular script tag, this could be due to Tracking Protection (by default, stricter in private windows) or an add-on that blocks analytics scripts. For Tracking Protection, click the shield icon at the left end of the address bar to check what is being blocked. With add-on blockers, the UI varies, but the toolbar button usually gives you an info panel.

more options

Hi @jscher2000, thanks for the response.

Disabling the Enhanced Tracking Protection worked.