No 'Access-Control-Allow-Origin' header is present on the requested resource with Cross Origin Resource Sharing (CORS) in B2C Commerce

公開日: Nov 19, 2025

説明

When browsing on your B2C Commerce Storefront, you see errors like the one below in the browser console:

Access to font at 'https://www.sfcctest.com/on/demandware.static/Sites-US-Site/-/en_US/v1111111111111/css/fonts/Arial.woff'; from origin 'https://notsfcctest.com'; has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

解決策

Cross Origin Resource Sharing (CORS) headers may not be passed with the static content hosted on the B2C Commerce platform.

This is because the B2C Commerce platform does not support hosting of static content for other websites to reference. As a result, the static files will need to be uploaded directly either to the provider that hosts the other site, or to another host that supports the Access-Control-Allow-Origin CORS header for static content.

Please note that the Access-Control-Allow-Origin header (and the other CORS response headers) are supported for OCAPI requests and dynamic requests (controllers and pipelines). The headers need to be added in the OnRequest.js file under app_storefront_core/cartridge/scripts/request.

For more information, please review the dw.system Class.

ナレッジ記事番号

000391299

この記事で問題は解決されましたか?

ご意見をお待ちしております。

No 'Access-Control-Allow-Origin' header is present on the requested resource with Cross Origin Resource Sharing (CORS) in B2C Commerce

General Information

Required Cookies

Functional Cookies

Advertising Cookies

General Information

Required Cookies

Functional Cookies

Advertising Cookies

Cookie List