The JavaScript SDK needs to be served with access-control-allow-origin: *

## Title: The JavaScript SDK needs to be served with access-control-allow-origin: *

### Endpoint(s):
* `GET https://connect.soundcloud.com/sdk/sdk-3.0.0.js`

### Scope(s):
* None

### Steps to reproduce:
Serve a page containing this:

```html
<!DOCTYPE html>
<html>
  <head>
    <script src="https://connect.soundcloud.com/sdk/sdk-3.0.0.js"></script>
  </head>
  <body>
  </body>
</html>
```

With this HTTP header:

```Cross-Origin-Embedder-Policy: require-corp```


### Expected behaviour:
The JavaScript sdk should load, and a window.SC object be present.

### Actual behaviour:
The SoundCloud SDK fails to load with this error in the console:

```GET https://connect.soundcloud.com/sdk/sdk-3.0.0.js net::ERR_BLOCKED_BY_RESPONSE```

And with this status in the network tab:

```(blocked:NotSameOriginAfterDefaultedToSameOriginByCoep)```

The sdk.js file needs to be served with this header in order to load in presence of the COEP header:

```access-control-allow-origin: *```


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

The JavaScript SDK needs to be served with access-control-allow-origin: * #42

Title: The JavaScript SDK needs to be served with access-control-allow-origin: *

Endpoint(s):

Scope(s):

Steps to reproduce:

Expected behaviour:

Actual behaviour:

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

The JavaScript SDK needs to be served with access-control-allow-origin: * #42

Description

Title: The JavaScript SDK needs to be served with access-control-allow-origin: *

Endpoint(s):

Scope(s):

Steps to reproduce:

Expected behaviour:

Actual behaviour:

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions