EmbedAI Chat Embed CORS issue – Widget not loading

Cross-Origin Resource Sharing (CORS)is a security feature implemented by web browsers to restrict web pages from making requests to a different domain than the one that served the web page. Because of this, you might get Cross-Origin Request Blocked: The Same Origin
Policy disallows reading the remote resource at YOUR-WEBSITE.COM.
(Reason: CORS header ‘Access-Control-Allow-Origin’ missing). Status
code: 200.
in your browser console and the chat widget will not load.

To resolve this issue, you have a few options:

  • Update Server Configuration: If you have control over your hosting server, you should configure it to include the appropriate CORS headers in its responses. You can set the ‘Access-Control-Allow-Origin’ header to the domain from which the requests are originating. There are 2 ways to do it:
    1. Apache (via .htaccess or server configuration) – Add the following to your .htaccess file or directly in your server configuration:

      Header set Access-Control-Allow-Origin "*"

    2. Nginx (in the server block) – Add the following to your Nginx configuration:
      location / {
      add_header 'Access-Control-Allow-Origin' '*';
  • Proxy Server: If you don’t have control over the server, you can set up a proxy server on your domain that makes requests to the server on behalf of your web page. This way, the same-origin policy is not violated because the requests are made from the same domain.

Was this article helpful?

Related Articles