You’re reading the English version of this content since no translation exists yet for this locale. Help us translate this article!
Reason: CORS request not HTTP
What went wrong?
CORS requests may only use the HTTPS URL scheme, but the URL specified by the request is of a different type. This often occurs if the URL specifies a local file, using a
Local File Security in Firefox 68
When a user opened a page using a
file:/// URI in Firefox 67 and earlier, the origin of the page was defined as the directory from which the page was opened. Resources in the same directory and its subdirectories were treated as having the same origin for purposes of the CORS same-origin rule.
In response to CVE-2019-11730, Firefox 68 and later define the origin of a page opened using a
file:/// URI as unique. Therefore, other resources in the same directory or its subdirectories no longer satisfy the CORS same-origin rule. This new behavior is enabled by default using the