Skip to main content

This content has been archived and is no longer being updated. Links may not function; however, this content may be relevant to outdated versions of the product.

Support Article

Cross-Origin Resource Sharing(CORS) errors using XMLHttpRequest



A CORS error regarding access control checks occurred when Pega REST service was accessed from JavaScript or JQuery of a different domain.

Error Messages

XMLHttpRequest cannot load http://10.0:9080/prweb/PRRestService/RetrieveWBCount/Services/RetrieveWBCount. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access.

Steps to Reproduce

1. Create REST Service.
2. Access from different domain.

Root Cause

A defect or configuration issue in the operating environment.
The issue is due to the CORS (XmlHttpRequest), which was sent from local file instead of a server.


Here’s the explanation for the reported behavior:

As per CORS specifications – 
A resource makes a cross-origin HTTP request when it requests a resource from a different domain than the one which served itself. For example, an HTML page served from makes an image request for Many pages on the web load resources such as CSS stylesheets, images, and scripts from separate domains.

CORS gives web servers cross-domain access controls, which enable secure cross-domain data transfers.
Modern browsers use CORS in an API container, such as XMLHttpRequest - to mitigate risks of cross-origin HTTP requests.

Note that the CORS communication and access must happen using http:// across the domains and since user tried invoking REST service using CORS using file:// (local file) and got this error.
Therefore, Pega recommends user to try this invocation from a page, which is hosted on a domain server instead of a local file path.

Published April 27, 2016 - Updated October 8, 2020

Was this useful?

0% found this useful

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best.

Pega Community has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice
Contact us