Problem to configure Digital Ocean Spaces with CORS

Posted February 8, 2019 3.7k views
APISystem ToolsObject Storage

Hi everyone,

I would like to send a PUT request to our Digital Ocean Spaces Bucket using as outlined int the docs:
see the API docs

Using Postman I can upload an object to the Spaces bucket (authorization headers seem to be calculated correctly). However when I try it with the browser /client I get the following CORS error

Failed to load resource: the server responded with a status of 403 (Forbidden) []
Access to XMLHttpRequest at '' from origin 'https://hostname.local' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. [https://hostname.local/settings]
Network Error

I changed bucket and hostname for obvious reasons.

Of course I tried to setup the CORS configuration in both the client as well as in DO spaces itself but I did not succeed after many hours. In DO spaces the Origin is set to * (wildcard) and I included / allowed all headers which are present in the clients request. Access Control Max Age is still set to zero as I don’t fully understand it, however changing it also did not alter anything.

Please also note that I am using NginX and Docker, so the client application running inside a docker container which is gated through the NginX server.

Most surprising to me is the fact that the error message says that the RESPONSE HEADER did not include the ‘Access-Control-Allow-Origin’ field, which means (in my understanding) that the DO spaces server did not respond correctly?!? So a side question is here: is there any way to change the response header form the DO spaces server?

I am very thankful for any help or suggestions.

Best, Caspar


These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
1 answer