Sudden CORS Error – “No ‘Access-Control-Allow-Origin’ Header” (WebDev doOptions)

Tburgess · February 23, 2026, 6:40am

Howdy,

I have an Ignition WebDev API that is being called from a separate frontend built with React/NextJS.

This was working fine previously using my doOptions implementation, but when I tested again today, I started getting a CORS policy error stating that no Access-Control-Allow-Origin header is present on the response.

Here is my current doOptions code:

def doOptions(request, session):
    servletResponse = request["servletResponse"]
    servletResponse.addHeader("Access-Control-Allow-Origin", "*")
    servletResponse.addHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE")
    servletResponse.addHeader("Access-Control-Allow-Headers", "Content-Type, Authorization")
    servletResponse.addHeader("Access-Control-Max-Age", "3600")
    servletResponse.setStatus(200)
    return None

I’m not sure what else I should add or check to resolve this. Has anyone run into this before or know what might cause the headers to suddenly stop being included?

Thanks in advance for any help!