Access to internal resources blocked by CORS policy

SOLVED: My issue was unrelated (Something with Gitlab pages and React) but I did find a way to get rid of the errors

In the manifest.json you want to add:

“permissions”: [



This gets rid of the CORS error.

Hi there,

For a university project I have to host a React page on Gitlab pages. I’ve done so succesfully in the past, however, I started encountering an error I haven’t seen before:


Part of the header:

Image of the flow:


We’re not in control of the page settings, so I can’t change anything server side nor set the repository to public (some of the suggestions I’ve read online). It loads the header, footer and an element in the body. The part that isn’t loading includes images and data, derived from the assets folder. I’m not calling on any API for data.

I’ll gladly provide any necessary information to fix this issue, I’ve been at it for days now and it’s driving me nuts.

Best regards,


1 Like