CORS Policy : No Access-Control-Allow-Origin even when there is one

[MaitreGEEK]

Describe the bug

Access to fetch at 'https://mydomain.com/.well-known/matrix/client' from origin 'http://localhost:44548' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
mydomain.com/.well-known/matrix/client:1 Failed to load resource: net::ERR_FAILED

(I replaced mydomain.com for you, but in the log it's my personal domain)

I enabled all cross-origins from nginx, even locahost and there is still this issue.

Reproduction

No response

Expected behavior

No response

Platform and versions

OS : Windows 11
Cinny version 4.11.1 installed via winget

Additional context

No response

[Bedodev]

edit: Turned out to be a dns caching issue on my side serving old cors policy. Leaving the original comment below for context.

Currently facing the same issue, both on the official release and when building with Tauri on Windows 11 and Cinny 4.11.1.

Interestingly enough, it only affects my homeserver. When logging in with a matrix.org account, the request completes successfully.
I'm inclined to believe it's Tauri-related, as running Cinny with vite or using an unofficial Electron build of Cinny also bypasses the CORS policy issue.

[kfiven]

Probably an issue at your end if it can connect to other homeservers.

[MaitreGEEK]

well it works when using official instance, but using the winget one, nope. I don't know why because I've set up everything to accept cors requests

[kfiven]

by official instance you meant "app.cinny.in"?

[MaitreGEEK]

Yes Le mar. 17 mars 2026, 00:22, Krishan ***@***.***> a écrit :

…

*kfiven* left a comment (cinnyapp/cinny-desktop#552) <#552 (comment)> by official instance you meant "app.cinny.in"? — Reply to this email directly, view it on GitHub <#552 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AVRI7XXA4WYK232H5C4HODL4RCEFDAVCNFSM6AAAAACWTQASXKVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHM2DANZRGI3TIMBWGM> . You are receiving this because you authored the thread.Message ID: ***@***.***>

[MaitreGEEK]

edit: Turned out to be a dns caching issue on my side serving old cors policy. Leaving the original comment below for context.

Currently facing the same issue, both on the official release and when building with Tauri on Windows 11 and Cinny 4.11.1.

Interestingly enough, it only affects my homeserver. When logging in with a matrix.org account, the request completes successfully. I'm inclined to believe it's Tauri-related, as running Cinny with vite or using an unofficial Electron build of Cinny also bypasses the CORS policy issue.

Maybe there's something with Cloudflare too, and might be something with http3 ?