XMLHttpRequest CORS block

Username (e.g. epiz_XXX) or Website URL

Error Message

Access to XMLHttpRequest at ‘https://infinityfree.net/errors/403/’ (redirected from ‘my website’) from origin ‘my website’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. please help me i am getting this error message please

Other Information

Hello there,

You may refer to this Knowledge Base article:


When and where do you see the error?

The CORS blocking is probably not the issue, it’s the fact that your site is trying to load a page which redirects to our 403 Forbidden error. If you ensure that the required URLs in your site don’t return a 403 Forbidden error, then the CORS issue will be gone too.


If you have access to the site you are sending the request to, you can simply add this PHP Code to the top of the page to disable CORS Block:
<?php header("Access-Control-Allow-Origin: *"); ?>

but it might don’t work since every visit heads into security page first


I know it works as I have come across this problem before and the PHP Header does disable the CORS Block.

Well, it only works if you’re using Cloudflare.

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.