Questions tagged [cross-origin-read-blocking]

Cross-Origin Read Blocking (CORB) is a mechanism by which browsers block access to a resource which appears inappropriate for the context in which frontend code is trying to use the resource (for example, a `

Cross-Origin Read Blocking (CORB) is a security feature implemented in browsers that mitigates certain attacks by blocking access to resources which appear inappropriate for the context in which frontend code is trying to use the resource.

For example, XSSI is the technique of pointing a <script> tag at a target resource which is not JavaScript, and observing some side effects when the resulting resource (e.g. a JSON document) is interpreted as JavaScript. CORB prevents the browser from executing, as a script, documents with an application/json MIME type.

Cross-Origin Read Blocking (CORB)

I have called third party API using Jquery AJAX. I am getting following error in console: Cross-Origin Read Blocking (CORB) blocked cross-origin response MY URL with MIME type application/json. See…

asked Jun 15 '18 at 10:29

Jignesh

1,839
2
8
5

votes

3 answers

How to make a cross-origin request in a content script (currently blocked by CORB despite the correct CORS headers)?

I am developing a Chrome extension which makes requests from certain websites to an API I control. Until Chrome 73, the extension worked correctly. After upgrading to Chrome 73, I started getting the following error: Cross-Origin Read Blocking…

google-chrome google-chrome-extension cors cross-origin-read-blocking

asked Mar 18 '19 at 05:07

Ceasar

22,185
15
64
83

votes

2 answers

How to avoid Cross-Origin Read Blocking(CORB) in a chrome web extension

I wrote a chrome web extension to avoid CORS limitation when developing my own web apps. The extension is a developers' tool and used to proxy the request from the source url to the dest url. The extension core code like this, thus developers can…

google-chrome-extension cross-origin-read-blocking

asked Feb 20 '19 at 12:41

user9106242

votes

1 answer

CORB blocking dynamic AdSense advertisements

I have a server-side rendered Angular application in which I'm using ng2-adsense to display AdSense ads on certain routes. I've noticed that most of the time (not all of the time), my ads don't display and I get warnings in the Chrome Dev Console…

angular google-chrome adsense cross-origin-read-blocking

asked Jun 23 '18 at 18:58

Jack Guy

8,346
8
55
86

votes

2 answers

Chrome CORB blocking APIGateway lambda request

What works I have a simple word game I've built. It works great. One thing users have requested is a word validity check. I am running the oxford dictionary api on an AWS Lambda Proxy/Node.js end-point, which works great when I access the APIGateway…

javascript node.js cors aws-lambda cross-origin-read-blocking

asked Jun 21 '18 at 18:24

Radio

2,810
1
21
43

votes

0 answers

Google maps api: Cross-Origin Read Blocking (CORB) blocked cross-origin response

I'm trying to perform a simple GET request to the google maps API, but my browser keeps blocking the response. I'm getting the following warning in my console: Cross-Origin Read Blocking (CORB) blocked cross-origin response…

javascript ajax google-maps cross-origin-read-blocking

asked Jul 23 '18 at 19:39

Majesteit

votes

2 answers

How To Solve This Problem : Cross-Origin Read Blocking (CORB) blocked cross-origin response

Warning is : jquery-1.9.1.js:8526 Cross-Origin Read Blocking (CORB) blocked cross-origin response https://www.metaweather.com/api/location/search/?query=lo with MIME type application/json. See https://www.chromestatus.com/feature/5629709824032768…

jquery json ajax cross-origin-read-blocking

asked Mar 14 '19 at 10:18

Smit Pipaliya

votes

1 answer

Ajax call bug with Chrome new version 73.0.3683.75?

My code was working fine before the Chrome update. I make an ajax call to my server. My server receives the call, returns JSON to the client, but the answer is always empty. When I look in Fiddler I get an answer from the server. I try with JQuery,…

ajax google-chrome google-chrome-extension cors cross-origin-read-blocking

asked Mar 14 '19 at 02:05

Cédric Boivin

10,854
13
57
98

votes

1 answer

Can anyone show me how to eliminate Cross-Origin Read Blocking (CORB) error when using a tracking pixel?

I am not sure why I am getting a CORB error when trying to use a tracking pixel. I thought that these errors do not occur if images are served back and the content type is an image (gif or jpeg). The exact error is: Cross-Origin Read Blocking (CORB)…

php cross-origin-read-blocking

asked Jul 15 '18 at 04:13

user3740260

votes

2 answers

Chrome extensions CORB: How to react to updates in the shared DOM

Trying to build a chrome extension content script that adds an extra useful nav to a GitHub issue page. When interaction is done through the normal webpage (the end user click an reaction emoji) - my injected element gets lost. The only way I have…

javascript google-chrome dom google-chrome-extension cross-origin-read-blocking

asked Jan 19 '20 at 00:16

Norfeldt

8,272
23
96
152

votes

2 answers

CORB OPTIONS Requests Blocked in Chrome 73

It appears that in a recent Chrome release, (or at least recently when making calls to my API --- haven't see it until today), Google is throwing warnings about CORB requests being blocked. Cross-Origin Read Blocking (CORB) blocked cross-origin…

google-chrome cors apache2 cross-origin-read-blocking

asked Apr 10 '19 at 19:08

Crayons

1,906
1
14
35

votes

1 answer

Getting Cross-Origin Read Blocking (CORB) error with WooCommerce PayPal Gateway

I'm using the WooCommerce PayPal Checkout Gateway and I just noticed that when I load the checkout page where the PayPal payment option appears I am getting this in my console: Cross-Origin Read Blocking (CORB) blocked cross-origin response …

wordpress woocommerce paypal cross-origin-read-blocking

asked Apr 07 '19 at 12:21

Brett

19,449
54
157
290

votes

1 answer

Disable Cross-Origin Read Blocking (CORB) in brave browser

I am serving static content (html, css and js) using lighttpd. I want to call api from a server hosted on the localhost using a wsgi application with python. I am getting the following error when I am trying to call the api from frontend (using…

python ajax cross-origin-read-blocking brave

asked Jul 19 '21 at 06:34

Tahlil

1,031
1
14
26

votes

1 answer

How to disable CORB in Chrome 74+

I want to debug a local dev environment issue potentially caused by CORB in Chrome 74. I want to see if - when I swith off CORB - the issue goes away. The according Google developer docs say that You can confirm if a problem is due to CORB by…

google-chrome chromium cross-origin-read-blocking

asked Aug 29 '19 at 11:08

Robert

1,710
2
18
35

votes

1 answer

Trying to Convert jQuery ajax to ES6 fetch

In an effort to not use jQuery (if ajax is all I need it for) I have the following ajax call that works like a champ. $.ajax({ type: "POST", url: "/Tests/EEG/Portable/Index?handler=Testing", beforeSend: function (xhr) { …

javascript jquery cors fetch-api cross-origin-read-blocking

asked Jun 25 '18 at 13:11

Grandizer

2,819
4
46
75

2 3

…

16 17 Next