Add-Ins custom functions work fine on desktop, but throw a CORS error when loaded in on-line Excel:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://xl.celin.io/assets/functions.json. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). Status code: 200.
Check whether CORS header "Access-Control-Allow-Origin" is configured for the add-in's server. For example, in sample add-in created by yo office, there is the following field in webpack.config.js:
devServer: {
...,
headers: {
"Access-Control-Allow-Origin": "*",
},
...
},