Capturing cross-domain script errors

This documentation is for version 6 of the BugSnag JavaScript notifier. We recommend upgrading to the latest release using our Upgrade guide. Documentation for the current release can be found here.

BugSnag ignores cross domain script errors by default, because they contain no useful information. You can fix this by loading your script using CORS.


  1. Add the CORS header to your web-server.

    Access-Control-Allow-Origin: *
  2. Add the crossorigin attribute to your script tag.

    <script src="//" crossorigin></script>

For more information, see our blog post.

Webserver instructions


  1. Use the following configuration snippet. Replace /assets/by the path that contains your javascript.

    location /assets/ {
      add_header 'Access-Control-Allow-Origin: *';

Amazon S3

  1. Log into the S3 Console
  2. Open your bucket
  3. Click “Properties” in the top right.
  4. Under “Permissions” click “Add CORS Configuration”.
  5. Use the following policy

    <?xml version="1.0" encoding="UTF-8"?>
    <CORSConfiguration xmlns="">

Amazon Cloudfront

  1. In Cloudfront, under Distribution Settings, Behaviors, click “Create Behavior”.
  2. Set the “Path Pattern” to *
  3. Under “Forward Headers” select “Whitelist” and add “Origin” to the whitelist.
  4. Save the behavior.