RUM: CORS Missing Allowed Origin

I've search high and low trying to get this issue figured out. I am currently having CORS issues regarding POST via the RUM agent, but preflight OPTIONS passes.

APM server is deployed using Fleet. Bind is set to

All my COR policies are set to wildcards, so therefore they should not be blocked. I am receiving a 403 response. Here is a screenshot of my network tab:

Hi @WorldDrknss,

Thanks for reaching out!

It seems that the the CORS error is not related to your APM configuration. It seems that the POST request is being blocked by a firewall or something else. And since the response doesn't contain the allow-origin header the browser complains.

"Request Forbidden by administrative rules" is not coming from APM servers


I have a few questions:

Do you know if there is proxy/firewall configured in your network? Do you know if your proxy server handling APM events have any kind of security policy?

Have you tested in Firefox/Safari? I'm saying that because in Chromium browsers the payload is compressed with gzip. That might require changes in your firewall/proxy policies.

There is an additional way to check if the compression is the reason behind the issue. From version 5.11.1 if you load your webpage adding the query parameter elastic_inspect_beacon=true to your url the compression will be disabled for that browser tab

Another thing you can try to do is to clear the cache of your browser.

Edit: I just tested your website (chrome and firefox) and it works properly:

Let me know if this helps you


Thanks I was finally able to figure out what was blocking the request. It turned out application/x-ndjson was not allowed through our WAF.

1 Like

This topic was automatically closed 20 days after the last reply. New replies are no longer allowed.