Fix: CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Also fixes "The Canvas has been tainted by cross-origin data" with scripts

Fix Broken Canvas or CORS Issue

Set the allowed origin to your domain name. For example in Azure search "cors" in storage account and set something like this:


For Google Cloud Storage instructions can be found here:


Make sure to replace the domain name in the JSON config with your own domain name.

This is not needed for general annotation but is currently needed for automations.