Can you please provide more details from the console.log. The message you quote is just a warning that it might be disabled it doesn't actually mean that it was.

But when I load the site I see a cross origin issue policy issue.

XMLHttpRequest cannot load https://www.ford.com/?block=widgetData&context=local&zipcode=94085&plantype=MSRP. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://owner.ford.com' is therefore not allowed access.

I'll post the full console.log tonight, this doesn't reproduce on my work Macbook for some reason

Yes, I see the same cross origin policy issue. It doesn't happen in the same version of Chrome on my Macbook, and it doesn't reproduce in Edge & Firefox.

Deleted: owner.ford.com-1485850916331.log 10.1 KB

owner.ford.com-1485850916331.log 10.1 KB View Download

Tested in chrome stable #56.0.2924.76 and canary #58.0.2998.0 on Win 10.0 able to reproduce the issue.
Below are the Bisect Details:

Bisect Info:
=============
Good Build: 53.0.2784.0(Revision - 403038)
Bad Build: 53.0.2785.0(Revision - 403382)

Bisect URL:
=========== 
You are probably looking for a change made after 403316 (known good), but no later than 403357 (first known bad).
CHANGELOG URL:
https://chromium.googlesource.com/chromium/src/+log/e7f9456d7512988bc01ac54b698de5d80ef8fb77..d76167da283ac2d1820e6d72cf8d783089d1109c

From the CL above, assigning the issue to the concern owner

@ dgozman : 
------------------
Could you please look into the issue, pardon me if it has nothing to do with your changes and if possible please assign it to concern owner.

Review-Url: https://codereview.chromium.org/2104063002

Note: Not able to reproduce the issue on ubuntu14.04 and Mac 10.12.2.

From the attached log, it is confirmed that the issue is not related to the document.write warning since there is no error message for those scripts being actually blocked. If the scripts were actually blocked, there should have been an error message with code ERR_CACHE_MISS. This can also be confirmed from the Network tab that those scripts are indeed not blocked.

Labeling with more specific components for the error:
"owner.ford.com/:1 XMLHttpRequest cannot load https://www.ford.com/?block=widgetData&context=local&zipcode=94063&plantype=MSRP. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://owner.ford.com' is therefore not allowed access."

tyoshino@: Can you triage this? It's not clear to me whether this is a bug in the site, or a bug in our CORS checks.

It looks the site or Chrome has been fixed.

I accessed the site using Chrome 57.0.2987.133 on Windows and it rendered correctly without any error on the console.

vladandjeric@, are you still seeing this issue?

----

BTW, I tested this also on my Linux workstation. The site shows a white empty box on top of the main contents which is grayed out.

This issue goes away when I change the User Agent to Windows, and after that it still works even if we change the User Agent back to Linux. Clearing storage using the DevTools Application tab makes the issue happen again.

To be more precise, regarding the 2nd point in the last comment, clearing "Local and session storage" makes the issue happen again.

This is the error I got.

TypeError: Cannot read property 'ANDROID' of undefined
    at Object.i.setDefaultOperatingSystem (operatingSystem.js:145)
    at n (operatingSystem.js:80)
    at Object.<anonymous> (operatingSystem.js:238)
    at Object.a [as invoke] (angular.js:3968)
    at angular.js:3810
    at n (angular.js:3932)
    at a (angular.js:3959)
    at Object.r [as instantiate] (angular.js:3979)
    at angular.js:7310
    at angular.js:6699

It works for me now

I still get errors in my devtools console though (with Chrome 57.0.2987.133 on Windows), including:

XMLHttpRequest cannot load https://www.ford.com/?block=widgetData&context=local&zipcode=94063&plantype=MSRP. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://owner.ford.com' is therefore not allowed access.

This might be a site issue though

Thank you for providing more feedback. Adding requester "tyoshino@chromium.org" to the cc list and removing "Needs-Feedback" label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Thank you for checking.

Are you signed in? I'm wondering if it might happen only when signed in.

Yes, I was signed in

I've tried hitting https://www.ford.com/?block=widgetData&context=local&zipcode=94063&plantype=MSRP directly and it really doesn't provide a Access-Control-Allow-Origin header on the response. In which case it is simply a server configuration error.

Lowering priority based on age of issue.

Strictly speaking, we need to check that the URL is not emitting the required CORS headers even when we're logged in, but basically we want the site to take care of what ricea@ said.

Since the site asks for vehicle number, member ID, etc. we cannot create an account for testing easily.

If it's still causing you a problem, please report the issue to the site first. Thank you. Closing for now.