My client is getting this CORS error in experience builder:
Access to fetch at 'https://maps.gov.bc.ca/arcserver/rest/services/mpcm/bcgwpub/MapServer/474?f=json' from origin 'https://experience.arcgis.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://governmentofbc.maps.arcgis.com' that is not equal to the supplied origin. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
He added this map service (https://maps.gov.bc.ca/arcserver/rest/services/mpcm/bcgwpub/MapServer/474) to a webmap in ArcGIS Online and save the map.
In experience builder, he is getting the CORS error when trying to select the web map and add data.
I couldn't reproduce the same CORS error the first time, but I could add it the 2nd time.
He couldn't reproduce the issue with sampleserver6 so I think it could be related to some CORS setting on the web server.
This issue has been fixed and will be available in our October release. I was able to load that service without any issues with my local test build.
I have the some issue with a custom image symbol in a web map. With Experience, the layer with this symbol, does not appaear. With this error message in the console:
Access to fetch at 'https://www.xxxxx.png' from origin 'https://experience.arcgis.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
is this alos a known issue ?
Hi @DavidMartinez ,
I'm experiencing what seems to be a similar issue: Embedding an arcgis dashboard in an Arcgis Enterprise 10.9 Experience Builder (using the embed widget), I get a "can't access arcgis organization" error - and developer mode shows a CORS issue. Is there any workaround for this...? - screenshot attached.
Hi @chaims ,
I do have same problem with you, do you have fix the issue?
Kindly need your help for this problem
We have Enterprise 10.9 and have the exact same issue in trying to embed our own dashboards (same origin, but still getting CORS errors). Curious if you've upgraded to 10.9.1 and it's been fixed or not? I know there is a workaround / hack listed below, but generally only do that as a last resort.
my Workaround was from October 2021 and in January 2022 we installed an new 10.9.1 Environment. I cant remember having these CORS Errors in 10.9.1. The Embed Widget (code wise) looks reworked, functions like checkSafeDomain can still be found. So there is a good chance this issue has been fixed in 10.9.1
i found this topic as i had the same problem (can't access arcgis organization - error and developer mode shows a CORS issue). It took me about an Day to figure out the Solution / Hack.
go to your portal installation dir (c:\program files\arcgis\portal) from there navigate to apps\experiencebuilder\widgets\common\embed. thats the folder of the embed widget, that is causing the CORS Error.
Now you have to clear your browser cache as browsers think js-ressource-files never change. and thats it.
Please be aware that users may be able to embed malicious code by placing it somewhere inside your web / content.