Title: CORS blocks wp-admin CSS Last modified: August 15, 2020 --- # CORS blocks wp-admin CSS * [anderslinn](https://wordpress.org/support/users/anderslinn/) * (@anderslinn) * [5 years, 10 months ago](https://wordpress.org/support/topic/cors-blocks-wp-admin-css/) * Several CSS files fail when in admin mode. For example: twocatsinacaravan.xyz/: 1 Access to CSS stylesheet at ‘[https://s1.wp.com/wp-content/mu-plugins/admin-bar/wpcom-admin-bar.css’](https://s1.wp.com/wp-content/mu-plugins/admin-bar/wpcom-admin-bar.css’); from origin ‘[https://twocatsinacaravan.xyz’](https://twocatsinacaravan.xyz’); has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. wpcom-admin-bar.css:1 Failed to load resource: net:: ERR_FAILED * Access-Control-Allow-Origin is set to * Any ideas? I also get the warnings for cookies from wp not sure if related * A cookie associated with a cross-site resource at [https://wp.com/](https://wp.com/) was set without the `SameSite` attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set with `SameSite=None` and `Secure`. * Great plugin by the way! - This topic was modified 5 years, 10 months ago by [anderslinn](https://wordpress.org/support/users/anderslinn/). - This topic was modified 5 years, 10 months ago by [anderslinn](https://wordpress.org/support/users/anderslinn/). * The page I need help with: _[[log in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Fcors-blocks-wp-admin-css%2F%3Foutput_format%3Dmd&locale=en_US) to see the link]_ Viewing 3 replies - 1 through 3 (of 3 total) * Thread Starter [anderslinn](https://wordpress.org/support/users/anderslinn/) * (@anderslinn) * [5 years, 10 months ago](https://wordpress.org/support/topic/cors-blocks-wp-admin-css/#post-13260459) * my htaccess [https://pastebin.com/5vkZRrTV](https://pastebin.com/5vkZRrTV) * Plugin Author [Dimitar Ivanov](https://wordpress.org/support/users/zinoui/) * (@zinoui) * [5 years, 10 months ago](https://wordpress.org/support/topic/cors-blocks-wp-admin-css/#post-13262676) * Hi [@anderslinn](https://wordpress.org/support/users/anderslinn/) * I assume that the HTTP Headers plugin is installed on `twocatsinacaravan.xyz`, but you need the Access-Control-Allow-Origin header to be sent from `https:// s1.wp.com`. * The warning is about cookies sent by instagram.com and cloudflare.com. Since you haven’t control on that sites you can’t do anything to suppress this warning. * Thread Starter [anderslinn](https://wordpress.org/support/users/anderslinn/) * (@anderslinn) * [5 years, 9 months ago](https://wordpress.org/support/topic/cors-blocks-wp-admin-css/#post-13280282) * Thanks. Do you know of any way of either excluding/allow those domains which lacks Access-Control-Allow-Origin header or a way to inject Access-Control-Allow- Origin header on those requests? - This reply was modified 5 years, 9 months ago by [anderslinn](https://wordpress.org/support/users/anderslinn/). Viewing 3 replies - 1 through 3 (of 3 total) The topic ‘CORS blocks wp-admin CSS’ is closed to new replies. * ![](https://ps.w.org/http-headers/assets/icon-128x128.png?rev=1413576) * [HTTP Headers](https://wordpress.org/plugins/http-headers/) * [Frequently Asked Questions](https://wordpress.org/plugins/http-headers/#faq) * [Support Threads](https://wordpress.org/support/plugin/http-headers/) * [Active Topics](https://wordpress.org/support/plugin/http-headers/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/http-headers/unresolved/) * [Reviews](https://wordpress.org/support/plugin/http-headers/reviews/) ## Tags * [Access-Control-Allow-Origin](https://wordpress.org/support/topic-tag/access-control-allow-origin/) * 3 replies * 2 participants * Last reply from: [anderslinn](https://wordpress.org/support/users/anderslinn/) * Last activity: [5 years, 9 months ago](https://wordpress.org/support/topic/cors-blocks-wp-admin-css/#post-13280282) * Status: not resolved