Firefox blocks `/eval/` requests

[drewcorlin1]

Describe the bug
Non-anonymous eval requests (https://clientstream.launchdarkly.com/eval/<id>/<data>) are being blocked only in firefox (working fine in Chrome, Safari, Edge) with the error message below.

To reproduce
Make an identify() call with the LaunchDarkly client

Expected behavior
No error is logged in the console

Logs

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://clientstream.launchdarkly.com/eval/<id>/<data>. (Reason: CORS request did not succeed). Status code: (null).

SDK version
3.0.6

Language version, developer tools
Javascript/React with the sync LD provider

OS/platform
Mac OS Ventura 13.3.1 - Firefox 115.0.3 64 bit

Additional context
The anonymous identify call (seemingly triggered automatically by LD) is not blocked. Also the non-anonymous call that does throw an error seems to actually register the context in LaunchDarkly, so it might just be noise.

[yusinto]

@drewcorlin1 are you able to share more information about this please?

• Is this happening in dev only or in production or both?
• Please share some of the application code which shows your usage of the react sdk.
• Do live updates/streaming still work even with the error?
• Are you running any third party plugins in firefox that may cause the issue? Can you please try reproducing in incognito?
• Do you have enhanced protection settings turned on in firefox which may cause the issue?

[ToothpickFactory]

@yusinto

• This is happening in both production and dev
• The app still works despite these CORs issue errors being thrown
• This was run in clean version of Firefox and within incognito
• Enhanced protection is not on

[yusinto]

Thank you, we will investigate. Internally logged as 213182.

[drewcorlin1]

@yusinto is there any update on this?

[github-actions]

This issue is marked as stale because it has been open for 30 days without activity. Remove the stale label or comment, or this will be closed in 7 days.

[drewcorlin1]

Still hoping for a response here

[gdp2]

Is there any updates on this.

[ikhramtsov-st]

Still seeing this issue.