About CORP (Content-Origin-Resource-Policy) headers in combination with Consent Studio CMP
What is CORP?
Cross-Origin Resource Policy (CORP) is a security header that some websites use to control which external resources can be loaded. Websites with strict security policies may block third-party scripts that don't include proper CORP headers.
Consent Studio is Fully Compatible
Good news: Consent Studio is fully compatible with CORP policies out of the box. No special configuration is required on your end.
All Consent Studio scripts include the necessary headers to work on websites with strict cross-origin security policies. Whether you're using our consent banner, cookie declaration, or integration scripts, they will load correctly regardless of your site's CORP configuration.
Troubleshooting
If you're experiencing issues loading the Consent Studio widget, here are some things to check:
Error: "blocked by Cross-Origin-Resource-Policy"
This error typically indicates a browser caching issue rather than an actual compatibility problem. Try the following:
Clear your browser cache - Old cached versions of the script may not include the updated headers
Try an incognito/private window - This loads the script without cached data
Check your Content Security Policy (CSP) - Ensure
consent.studiois allowed in your script-src directive
Still having issues?
If you're still experiencing CORP-related errors after trying the above steps, please contact our support team with:
The exact error message from your browser console
Your website URL
Your browser name and version
We're here to help ensure Consent Studio works seamlessly on your website.