Skip to main content
Question

CORS Error in Figma Plugin Despite Configuring allowedDomains and devAllowedDomains

  • January 17, 2025
  • 4 replies
  • 322 views

Jeet Shah

I am encountering a CORS error in my Figma plugin. Previously, it was working fine after adding entries in the manifest.json for networkAccess. My current configuration is:
 

"networkAccess": {

  "allowedDomains": [

    "*"

  ],

  "devAllowedDomains": [

    "*"

  ],

  "reasoning": "Dev Purpose"

}


Despite using "*", the plugin has started giving CORS errors recently. Is there any change in how Figma handles networkAccess, or is there something else I need to check to resolve this issue?

4 replies

y_toku
Figmate
  • Community Support
  • 2500 replies
  • January 20, 2025

Hi there,

 

Thanks for reaching out. I'm checking with our internal team. I will get back to you when I have anything I can share with you. 

 

Thanks for your patience.

Toku

 


y_toku
Figmate
  • Community Support
  • 2500 replies
  • January 28, 2025

Hi ​@Jeet Shah

Thanks for your patience!

A CORS error indicates that the server that you are making the request to is rejecting the request. To confirm, have you made changes to your backend recently, especially around the Access-Control-Allow-Origin  response header? If so, could you share a bit more details?

Thanks,
Toku


Iury_Carlos
  • New Member
  • 2 replies
  • May 14, 2025

I'm facing that as well. Working nice for a long time. Now i have exactly the same error.

It is failing to access a .js in the same directory at ui.html


reynaldi
  • New Member
  • 2 replies
  • June 5, 2025

Hi ​@Jeet Shah,  it would be best if you could provide the error message for people to help.

But generally here is how it works, networkAccess here is for controlling whether your plugin can make a network request to the certain API or resource.

However, for you to be able to read the response from the API (and not get CORS error), the API must return the appropriate CORS header mentioned by y_toku, which is Access-Control-Allow-Origin.

This is not something controlled via the Figma plugin, but rather by the owner of that API or resource.

 

tl;dr

networkAccess → allow plugin to send the request

CORS → allow your plugin to read the response


Reply


Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings