Pyodide_py.tar blocked

As a side direct effect of creating pyscript, you’re going to get webdev idiots like me asking questions, so apologies in advance.

My organization seems to be blocking tar files, so all PyScript sites fail to load. Here is what I see in the console:

Access to fetch at ‘’ from origin ‘’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. If an opaque response serves your needs, set the request’s mode to ‘no-cors’ to fetch the resource with CORS disabled.

Navigating directly obviously blocks an attempted download

Is there any workaround or am I just screwed unless I request an exception from IT?

Where are you seeing code that’s trying to download a .tar file?

I may have missed something but i don’t recall seeing actual PyScript pages trying to download .tar files.

.tar files are archive files, so more likely to be used for someone distributing all the files together for a dev to work with rather than for direct use by web page. If your IT are blocking them then you won’t be able to download them but I suspect it wouldn’t impact use of PyScript. It’ll depend how reasonable your IT are but if you explain why you want to download it they might be able to help.

If you just want to work on a PyScript page then you can do that as outlined here, without needing a .tar file:

@neil As part of its loading process, Pyodide attempts to load and unpack pyodide_py.tar from the same root URL that it loaded pyodide.js from. See this bit of the loadPyodide() function, which is what PyScript uses to load the Pyodide runtime as its default interpreter.

You can also see pyodide_py.tar in the network tab of the dev tools when you load a page with pyscript:


@mcmastc1 one option would be to build Pyodide locally and point PyScript at that using <py-config>'s runtimes parameter. If you go that route, I highly recommend building it using Docker instead of trying to manually assemble the chain of dependencies it requires. Though it’s possible that some part of this build process will be blocked by your IT department as well.

1 Like

Ah, thanks Jeff, I had never noticed that before.

I thought everything came from the .js but given it’s as you highlight i can see this being an issue for @mcmastc1