3263904 - SAP Companion (Web Assistant) fails with CORS error

1. When opening the Fiori Launchpad which has the SAP Companion integrated in an extended or custom content scenario, the content is not available in the Companion, and has console log errors:
   

   • Access to XMLHttpRequest at 'https://<customer host>.enable-now.cloud.sap/wa/<work area>/~tag/published/.record' from origin 'https://<launchpad host>' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

   • Access to XMLHttpRequest at 'https://<customer host>.enable-now.cloud.sap/pub/<work area>/.catalogue?%7B%22product%22%3A%22SAP_S4HANA_ON-PREMISE%22%2C%22version%22%3A%222020.latest%22%2C%22appUrl%22%3A%5B%22Shell-home%22%2C%22Shell-home!whatsnew%22%5D%2C%22locale%22%3A%5B%22en-US%22%2C%22en-GB%22%5D%2C%22solution%22%3A%22S%2F4HANA%22%7D' from origin 'https://<launchpad host>' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.?

2. It's also possible that SAP Companion Works for Fiori Launchpad on one site, but not on others.

• SAP Fiori Launchpad
• SAP Companion (Web Assistant)

CORS cross-origin resource sharing xss cross-site scripting , KBA , KM-SEN-CMP , SAP Companion former known as Web Assistant , Problem