Client cannot sync - CORS error

I have the Same issue on two different machines, I’d say the issue first appeared around the 2025.8 update

Uncaught (in promise) Error: Duplicate script ID ‘fido2-page-script-registration’Access to fetch at ‘``https://api.bitwarden.com/config’`` from origin ‘chrome-extension://nngceckbapebfimnlniiiahkandclblb’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.background.js:2 Unable to fetch ServerConfig from ``https://api.bitwarden.com`` TypeError: Failed to fetchat ck.nativeFetch (background.js:0:0000000)at ck. (background.js:0:00000)at Generator.next ()at s (background.js:0:000000)The log has been redacted slightly.

Machine One

Browser: Brave v1.81.137

Browser Extension version: 2025.8.1

OS: windows

Machine Two:

Browser: Brave v1.81.137

Browser Extension version: 2025.8.1

OS: Ubuntu Linux

Is this familiar to anyone?

Ok i managed to get it to work again, apparently bitwarden does not play nice with the following setting

Allow this extension to read and change all your data on websites you visit:

On click

very strange behavior i must say, I enabled this to mitigate the risk of clickjacking attack that was discovered recently.

Anyway sync works now after i enabled Bitwarden to access all websites by default and the error message displayed in my initial post is no more.

For alternative approaches to mitigating the risk of clickjacking, please refer to the recommendations made in this comment.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.