Cross-Origin Request Blocked
Apologises if some information is missing but my knowledge of BIG-IPs is limited at best.
Basically we have users trying to access some external sites that appear to be using CORS to display videos.
Our BIG-IPs are setup with proxy servers to use SWG filtering.
Users are trying to access the site using FireFox 60.4.0 ESR.
Looking through the debug console when trying to access the following page for example:
https://ga.vyond.com/videos/0t0c5lmtVSQ8?utm_source=linkshare&utm_medium=linkshare&utm_campaign=usercontent&ga=1
Will return:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://goanimate.zendesk.com/embeddable_blip?type=pageView&data=eyJwYWdlVmlldyI6eyJyZWZlcnJlciI6Imh0dHBzOi8vZ2EudnlvbmQuY29tL3ZpZGVvcy8wdDBjNWxtdFZTUTg%2FdXRtX3NvdXJjZT1saW5rc2hhcmUmdXRtX21lZGl1bT1saW5rc2hhcmUmdXRtX2NhbXBhaWduPXVzZXJjb250ZW50JmdhPTEiLCJ0aW1lIjoxMzMsIm5hdmlnYXRvckxhbmd1YWdlIjoiZW4tR0IiLCJwYWdlVGl0bGUiOiJIb3cgdG8gQ3JlYXRlIGEgQ29udGluZ2VudCBSZXF1aXNpdGlvbi0gQ0EgLSBUaGFsZXMuVW5pdmVyc2l0eSIsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDYuMTsgV09XNjQ7IHJ2OjYwLjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvNjAuMCIsImhlbHBDZW50ZXJEZWR1cCI6ZmFsc2V9LCJidWlkIjoiZGJjYzU4NDEzNGJmMjgzODc4YWRjYmY4Y2M4ODc4NmYiLCJzdWlkIjoiY2U1ZjRmNjNjMWVlOTlmOWFlMTY3YTEyNDg4ZTNkNTkiLCJ2ZXJzaW9uIjoiMDZiYThkZGMzIiwidGltZXN0YW1wIjoiMjAxOS0wNi0yNlQxMDoxNjowOS44NDJaIiwidXJsIjoiaHR0cHM6Ly9nYS52eW9uZC5jb20vdmlkZW9zLzB0MGM1bG10VlNROD91dG1fc291cmNlPWxpbmtzaGFyZSZ1dG1fbWVkaXVtPWxpbmtzaGFyZSZ1dG1fY2FtcGFpZ249dXNlcmNvbnRlbnQmZ2E9MSJ9. (Reason: CORS header 'Access-Control-Allow-Origin' missing).
We've tried testing access using the latest FireFox version so as to rule out an issue with the browser.
Using a proxy that bypasses the BIG-IP loads the video without issue so it's definitely something in our setup that causing the CORS errors.
Any suggestions on how to resolve this would be greatly appreciated.