When running next dev
(Next.js 15, canary) ** in Firebase Studio**, I get the following error in the browser console:
⚠ Blocked cross-origin request from 6000-firebase-studio-xxxxx.cloudworkstations.dev to /_next/* resource.
To allow this, configure "allowedDevOrigins" in next.config
Despite attempts to configure the origin, requests to /_next/
resources are blocked due to CORS policy. This breaks dev mode completely — the page doesn’t load static assets (JS/CSS).
What I tried
- Set
allowedDevOrigins: ["https://6000-firebase-studio-xxxxx.cloudworkstations.dev"]
in next.config.js - Also tried using a wildcard:
Set `allowedDevOrigins: ["*.cloudworkstations.dev"]
Question
- Is this the expected behavior?
- Is there a correct way to define
allowedDevOrigins
in this remote browser-based dev setup? - If this is enforced for security — can this be relaxed in dev with a flag?