Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

CORS error in Firefox incognito mode only

more options

Hi there, I am working on a site with Segment API and need to load their JS on my site for it to work. Whats happening is, I get the following error: "Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://api.segment.io/v1/p. (Reason: CORS request did not succeed). Status code: (null)."

The weird part is, it happens only in Firefox incognito mode. It works on Chrome, Edge, Opera.

I am wondering if this is by design or if it is a bug.

Firefox version 98.0 (64-bit).

Hi there, I am working on a site with Segment API and need to load their JS on my site for it to work. Whats happening is, I get the following error: "Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://api.segment.io/v1/p. (Reason: CORS request did not succeed). Status code: (null)." The weird part is, it happens only in Firefox incognito mode. It works on Chrome, Edge, Opera. I am wondering if this is by design or if it is a bug. Firefox version 98.0 (64-bit).

Izabrano rješenje

Is it a background request (fetch or XMLHttpRequest), or a regular script tag?

CORS background requests definitely require an Origin header. I wonder whether that is suppressed in private windows with some requests? You could inspect the headers in the Network panel of the Dev Tools. More info on that panel: https://developer.mozilla.org/docs/Tools/Network_Monitor

If it's a regular script tag, this could be due to Tracking Protection (by default, stricter in private windows) or an add-on that blocks analytics scripts. For Tracking Protection, click the shield icon at the left end of the address bar to check what is being blocked. With add-on blockers, the UI varies, but the toolbar button usually gives you an info panel.

Pročitajte ovaj odgovor sa objašnjenjem 👍 0

All Replies (2)

more options

Odabrano rješenje

Is it a background request (fetch or XMLHttpRequest), or a regular script tag?

CORS background requests definitely require an Origin header. I wonder whether that is suppressed in private windows with some requests? You could inspect the headers in the Network panel of the Dev Tools. More info on that panel: https://developer.mozilla.org/docs/Tools/Network_Monitor

If it's a regular script tag, this could be due to Tracking Protection (by default, stricter in private windows) or an add-on that blocks analytics scripts. For Tracking Protection, click the shield icon at the left end of the address bar to check what is being blocked. With add-on blockers, the UI varies, but the toolbar button usually gives you an info panel.

more options

Hi @jscher2000, thanks for the response.

Disabling the Enhanced Tracking Protection worked.