function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
Manindar NManindar N 

I'm facing CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Hi Experts,

I'm facing below issue while I'm accessing my local website(remote site) to Salesforce application. Assume like website or localwebsite). I'm trying to make an AJAX call to Salesforce and that gets blocked.

Access to manifest at '' (redirected from '') from origin '' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Plesae refer Salesforce landing page console error.

Landing page console issue.

Above image if i do clockin post request will come but here post request gets blocked( All are Ajax call). i attached falid request screenshot.

Post request get failed inside salesforce application.
Note: Its was working fine end to end apllication  
AnudeepAnudeep (Salesforce Developers) 
CORS does not support requests for unauthenticated resources, including OAuth endpoints. 

I recommend adding a blocked URL to SFDC’s CORS whitelist

If whitelisting does not help, you can try adding the header "Access-Control-Allow-Origin" to the request you forward to the salesforce

Reference Articles:
xhr.setRequestHeader("Access-Control-Allow-Origin", "*");

<script runat=server>

If you find this information helpful, please mark this answer as Best. It may help others in the community. Thank you
Talha SaqibTalha Saqib
Please try the following resource:
I found success by NOT using a wildcard in the CORS allow list, but instead, two static URLS:

Depending on where your code is hosted could determine which static URL(s) to use.