Unable to figure out "Access Control Allow Origin" Error!

GroovyMammoth · June 17, 2019, 11:28pm

Hello! I’m trying to configure CORS headers with AWS for my Glitch project. However, I get this difficult error:

Access to image at ‘https://s3.amazonaws.com/vrthday-images/240_F_78696623_0tW8XF6TdwplkwdsauIp75SSCmdUu00l.jpg’ from origin ‘https://equal-whippet.glitch.me’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

On the AWS side, I have enabled CORS configuration. How do I fix this in my Glitch project?

Anything is appreciated – thanks!
Ben

cori · June 18, 2019, 4:44am

Hey @GroovyMammoth can you let us know what browser and operating system you’re on?

GroovyMammoth · June 18, 2019, 2:25pm

Hi @cori!

I’ve been using Google Chrome with a Mac OS, but we’ve noticed this issue with different OS and browsers as well.

GroovyMammoth · June 19, 2019, 4:30pm

Hi @cori,

I know this is all a bit hard over this forum…so I’ve reserved some office hours for us to discuss this. Looking forward to it!

Ben

cori · June 19, 2019, 4:43pm

Hey @GroovyMammoth I saw those and am happy to take a look with you. What’s making it extra-difficult from my end is that I’m not able to repro the problem consistently.

One thing I note is that if you try to load any of the images from Glitch’s CDN (which is an S3 bucket like the one that’s housing your lemons) like the ones in your project’s assets drawer I see the response headers I’d expect for CORS. However when I load one of your lemon images I do not see the appropriate CORS headers. Can you double check your S3 settings, and perhaps provide a screenshot of those?

cori · June 20, 2019, 6:09pm

Hey @GroovyMammoth I played with this a little more, and Remixed it and used one of the urls for one of the assets you’d uploaded and replaced one of the lemon image urls with that address, and everything worked as expected for that image:

This further leads me to believe that your S3 bucket’s settings are where things are breaking down. Have you had a chance to verify those yet?

GroovyMammoth · June 20, 2019, 6:29pm

Hi @cori,

Here’s the S3 code!

cori · June 20, 2019, 6:32pm

Here’s what the assets bucket that’s providing the working image I showed looks like:

<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
    <AllowedOrigin>*</AllowedOrigin>
    <AllowedMethod>GET</AllowedMethod>
    <AllowedMethod>HEAD</AllowedMethod>
    <AllowedMethod>POST</AllowedMethod>
    <MaxAgeSeconds>86400</MaxAgeSeconds>
    <AllowedHeader>Content-*</AllowedHeader>
    <AllowedHeader>origin</AllowedHeader>
</CORSRule>
</CORSConfiguration>

Perhaps making that update would be a good place to start!

Topic		Replies	Views
Cors error after latest ui changes on glitch Glitch Help	1	290	July 16, 2022
CORS error within Playcanvas connecting to Glitch server Glitch Help	8	798	June 13, 2020
[Resolved] CORS Issue with assets Glitch Help editor	4	164	February 20, 2024
Image Not Showing (Using A-Frame) - What's The Issue? Glitch Help	11	2930	June 17, 2019
Content Security Policy Error with Glitch Site Glitch Help editor	14	1592	May 17, 2022

Unable to figure out "Access Control Allow Origin" Error!

Related Topics