When submitting Service Catalog requests in Service Point (or add to cart) using Google Chrome, the following CORS error may seen in the browser console:
"Access to XMLHttpRequest at 'http://catalogserver:8080/usm/wpf...' from origin 'http://servicepoint:9002' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource."
The changes documented for setting cors.allowed.origins have already been performed as per the documentation: https://techdocs.broadcom.com/us/en/ca-enterprise-software/business-management/ca-service-management/17-3/installing/post-installation-tasks/ca-service-catalog-post-installation-tasks.html
Release : 17.3
Component : CA SERVICE CATALOG
Firstly, edit the cors.allowed.origins to include all the hosts and ports that the server may be accessed over - failure to do so may also trigger this error.
However, this particular problem may not only be a CORS issue. It is also related to new chrome security restriction on cross site cookies. In order to fix this, you must enable SSL - you can see if this is the cause by testing with Firefox browser, which does not, at time of writing, have this restriction.