This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(67.2, 38%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECB%3C/text%3E%3C/svg%3E)
Hi all
We are seeing a significant number of exceptions being logged to App Insights by our Azure AD B2C custom policies.
Microsoft.Cpim.UserExperience.Client.CrossOriginException
The resource 'https://xxx/xxx.html' contains script errors preventing it from being loaded.
The issue seems to be intermittent as the vast majority of users are able to sign in successfully. We can see a similar error message in the logs of some of our relying parties, indicating it is being sent in the response by Azure AD B2C, so seems likely that this manifests as a visible issue when it occurs.
Our UI templates are hosted in a storage account, and the CORS policy is configured as per Microsoft documentation. We have also confirmed that the templates do not contain any script errors.
Having reviewed the obvious things and having no success we are now left scratching our heads. If anyone is able to offer any insights on what might be the potential cause these would be gratefully received.
Thanks in advance.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 26%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EN%3C/text%3E%3C/svg%3E)
Hi @Chris Beer
Thank you for posting this in Microsoft Q&A.
I'm reviewing your query, will get back to you shortly.
Thanks,
Navya.
Hi @Chris Beer
Thank you for posting this in Microsoft Q&A.
I understand that you are noticing a significant number of exceptions being logged to App Insights in your Azure AD B2C custom policies.
Based on the error message "Microsoft.Cpim.UserExperience.Client.CrossOriginException - The resource 'https://xxx/xxx.html' contains script errors preventing it from being loaded", it seems the issue is occurring due to script errors.
As you mentioned, you have already checked the script, confirmed there are no errors, and enabled the CORS policy.
Could you please confirm which type of storage account you are using? If you're using an Azure Storage Blob, the CORS configuration should look like this: https://your-tenant-name.b2clogin.com (in lowercase).
If it matches, this generally means it is not an issue with CORS, but rather an issue with the hosting provider reliably returning all images, JavaScript, CSS, etc., that are referenced in the custom HTML document. To troubleshoot this scenario, it is recommended to run load tests on the custom HTML page.
Thanks,
Navya.
Hi @Chris Beer
Just checking in to see if above information was helpful. If you have any further updates on this issue, please feel free to post back.
Hi @Chris Beer
Just checking in to see if above information was helpful. If you have any further updates on this issue, please feel free to post back.