Getting CORS error—what are the correct CORS settings?

Brandon_Pancost · November 3, 2023, 5:20pm

I am getting CORS errors using this method because the javascript is run from a sandbox so the origin in fetch calls is always null. I've tried allowing every origin for PUT requests on my bucket, but it seems that AWS might have changed the handling so that null origin is always a CORS failure. I'm wondering if anyone has found a workaround? Here's my current CORS configuration:

[
    {
        "AllowedHeaders": [
            "*"
        ],
        "AllowedMethods": [
            "PUT",
            "POST",
            "DELETE",
            "HEAD"
        ],
        "AllowedOrigins": [
            "*"
        ],
        "ExposeHeaders": []
    },
    {
        "AllowedHeaders": [],
        "AllowedMethods": [
            "GET"
        ],
        "AllowedOrigins": [
            "*"
        ],
        "ExposeHeaders": []
    }
]

victoria · November 3, 2023, 7:42pm

Hey @Brandon_Pancost!

According to our S3 docs, your CORS config should be something like this:

[
  {
    "AllowedOrigins": ["https://example.com"],
    "AllowedMethods": ["PUT", "POST", "DELETE"],
    "AllowedHeaders": ["*"]
  },
  {
    "AllowedOrigins": ["*"],
    "AllowedMethods": ["GET"]
  }
]

If you don't mind sharing, what are you currently trying to accomplish?