Question

Problem to configure Digital Ocean Spaces with CORS

Hi everyone,

I would like to send a PUT request to our Digital Ocean Spaces Bucket using as outlined int the docs: see the API docs

Using Postman I can upload an object to the Spaces bucket (authorization headers seem to be calculated correctly). However when I try it with the browser /client I get the following CORS error

Failed to load resource: the server responded with a status of 403 (Forbidden) [https://bucketname.sgp1.digitaloceanspaces.com/Nx43jBxWbBSQcCYHfKOARe2Buml2/recordings/6b4eea96-0fbc-469a-91c6-8bea5eb3a18d/testUpload.txt]
Access to XMLHttpRequest at 'https://bucketname.sgp1.digitaloceanspaces.com/Nx43jBxWbBSQcCYHfKOARe2Buml2/recordings/6b4eea96-0fbc-469a-91c6-8bea5eb3a18d/testUpload.txt' from origin 'https://hostname.local' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. [https://hostname.local/settings]
Network Error

I changed bucket and hostname for obvious reasons.

Of course I tried to setup the CORS configuration in both the client as well as in DO spaces itself but I did not succeed after many hours. In DO spaces the Origin is set to * (wildcard) and I included / allowed all headers which are present in the clients request. Access Control Max Age is still set to zero as I don’t fully understand it, however changing it also did not alter anything.

Please also note that I am using NginX and Docker, so the client application running inside a docker container which is gated through the NginX server.

Most surprising to me is the fact that the error message says that the RESPONSE HEADER did not include the ‘Access-Control-Allow-Origin’ field, which means (in my understanding) that the DO spaces server did not respond correctly?!? So a side question is here: is there any way to change the response header form the DO spaces server?

I am very thankful for any help or suggestions.

Best, Caspar

Subscribe
Share

Did you find a solution? I’m facing exactly the same issue.

Same question for me, not working at all…

I had the same problem and I solved it by setting the Allowed Headers to *. It didn’t work if I manually set all the ‘access-control-’ headers that I saw in the pre-flight request; it had to be the *

Having the same issue, have raised a support ticket so will hopefully get to the bottom of it.


Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

This comment has been deleted