This site was built to compliment the existing NetSuite Professionals Slack Community by adding a means for members to easily find answers to common questions and to create a searchable database of those questions and answers.

NetSuite Professionals

Hi people, could I get a hand with CORS please? I get the following error when submitting a form from an iframe that is loading a Suitelet. The suitelet POST response is set to response.write(stHTMLFileContents);
```Access to XMLHttpRequest at '<https://forms.na2.netsuite.com/app/site/hosting/scriptlet.nl>' from origin '<https://accountid.extforms.netsuite.com>' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.```
I've tried the following before writing to the response.
```response.addHeader('Content-Security-Policy', "child-src 'self' <https://accountid.extforms.netsuite.com>;frame-src 'self' <https://accountid.extforms.netsuite.com>");```