Skip to main content
Question

CORS errors in previews/downloads

  • May 22, 2025
  • 2 replies
  • 34 views
C
Forum|alt.badge.img

Hello, all -

 

I've got a webpage where I make some of my Box-hosted content available for download; however, most browsers don't show a preview of these files. Inspecting the page, I see several hundred CORS errors of this type:

Access to internal resource at 'https://cdn01.boxcdn.net/_assets/img/favicons/manifest-rw1AEP.json' from origin 'https://app.box.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Obviously, resolving this requires validating the request from the Box side, but I can't find any documentation (other than "here's how to validate via an app") that describes anything of the sort.

 

Thanks in advance for your help!

    2 replies

    C
    Forum|alt.badge.img

    Hello, 

    Is the URL on the CORS whitelist for your application in the configuration tab of the developer console for you application? If so, is this on a public page I would be able to take a look at?

    Best, 

    Kourtney 

    Box Developer Advocate

    C
    Forum|alt.badge.img

    Hi, Kourtney -

     

    Thanks for your response. There's no application involved; these are simply embedded links to content on Box. Here's a copy of that page:

     

    http://203kcontractors.com/login/14634-2

     

    As you can see, it throws 10 CORS errors.

    Terms of ServiceAccessibility statement