Hi everyone,
I would like to send a PUT request to our Digital Ocean Spaces Bucket using as outlined int the docs: see the API docs
Using Postman I can upload an object to the Spaces bucket (authorization headers seem to be calculated correctly). However when I try it with the browser /client I get the following CORS error
Failed to load resource: the server responded with a status of 403 (Forbidden) [https://bucketname.sgp1.digitaloceanspaces.com/Nx43jBxWbBSQcCYHfKOARe2Buml2/recordings/6b4eea96-0fbc-469a-91c6-8bea5eb3a18d/testUpload.txt]
Access to XMLHttpRequest at 'https://bucketname.sgp1.digitaloceanspaces.com/Nx43jBxWbBSQcCYHfKOARe2Buml2/recordings/6b4eea96-0fbc-469a-91c6-8bea5eb3a18d/testUpload.txt' from origin 'https://hostname.local' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. [https://hostname.local/settings]
Network Error
I changed bucket and hostname for obvious reasons.
Of course I tried to setup the CORS configuration in both the client as well as in DO spaces itself but I did not succeed after many hours. In DO spaces the Origin is set to * (wildcard) and I included / allowed all headers which are present in the clients request. Access Control Max Age is still set to zero as I don’t fully understand it, however changing it also did not alter anything.
Please also note that I am using NginX and Docker, so the client application running inside a docker container which is gated through the NginX server.
Most surprising to me is the fact that the error message says that the RESPONSE HEADER did not include the ‘Access-Control-Allow-Origin’ field, which means (in my understanding) that the DO spaces server did not respond correctly?!? So a side question is here: is there any way to change the response header form the DO spaces server?
I am very thankful for any help or suggestions.
Best, Caspar
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
This comment has been deleted
Did you find a solution? I’m facing exactly the same issue.
Same question for me, not working at all…
I had the same problem and I solved it by setting the Allowed Headers to
*
. It didn’t work if I manually set all the ‘access-control-’ headers that I saw in the pre-flight request; it had to be the*
Having the same issue, have raised a support ticket so will hopefully get to the bottom of it.