Hi Klever team,
we’ve been loading the ESM build of the Klever Web SDK from sdk.kleverscan.org
for a while. Starting today, browsers began blocking it with a CORS error, even though nothing changed on our side.
Our site (origin): https://playklever.games
SDK URL (previously): https://sdk.kleverscan.org/kleverchain-sdk-web-esm-1-0-x.js
Errors we see
Access to script at ‘``https://sdk.kleverscan.org/kleverchain-sdk-web-esm-1-0-x.js’
from origin ‘``https://playklever.games``’ has been blocked by CORS policy:
No ‘Access-Control-Allow-Origin’ header is present on the requested resource.
and:
GET ``https://sdk.kleverscan.org/kleverchain-sdk-web-esm-1-0-x.js`` net::ERR_FAILED 200 (OK)
DevTools details
-
Script is loaded as ES module (
type="module"
) → fetched in CORS mode. -
Response is 200 OK,
Content-Type: application/javascript
. -
No
Access-Control-Allow-Origin
header on the response (and none on redirect hops). -
Result: browsers drop the response post-fetch.
To keep production stable, we’ve switched to self-hosting the file under our own domain (same-origin), i.e.:
import { web } from ‘/vendor/klever/kleverchain-sdk-web-esm-1-0-x.js’;
Questions:
-
Did you change CDN/headers or caching rules on
sdk.kleverscan.org
for the ESM build? -
Is there an official, stable distribution path (CDN or npm) you recommend for the web ESM build?
-
Could you restore/add the required CORS headers (at least
Access-Control-Allow-Origin: *
or per-origin) so cross-origin module loading works again? -
Do you provide versioning, changelogs, and checksums (e.g., semver tags, release notes, SHA256) so we can safely self-host and know when updates happen?
-
Is there a preferred import (package name + entry file) we should use if we migrate to npm bundling?
What we need for reliability
-
A stable URL or npm package entry for the web ESM build.
-
Correct CORS headers on CDN responses for ESM usage.
-
Changelog & versioning so we can decide when to update our self-hosted copy.
Happy to provide full header screenshots or a minimal repro if needed. Thanks in advance for clarifying!
Greetings
Andreas