Why can I use "http://localhost:PORT" with CORS in Spaces?

Posted on January 24, 2018
Object Storage
Asked by Paul Webb

Safari doesn’t respect my wildcard rule in CORS but Firefox and Chrome do. None of the suggestions in this StackOverflow post helped either: https://stackoverflow.com/questions/16824661/cors-request-not-working-in-safari/39875236.

I feel like this could be remedied if Spaces was configured to allow a URL without a TLD.

Show comments

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Andrew SB

DigitalOcean Employee

• February 28, 2018

Accepted Answer

Thanks for flagging this issue for us. It looks like the input validation in our control panel is a bit too strict here. As a work-around until this experience is improved, you can create CORs configurations for Spaces using the API for origins without a TLD. For example, using s3cmd you can run:

s3cmd setcors cors.xml s3://example-space

Where the contents of the cors.xml file contains your CORs configurations in XML format. For example:

<CORSConfiguration>
 <CORSRule>
   <AllowedOrigin>http://localhost:3000</AllowedOrigin>

   <AllowedMethod>PUT</AllowedMethod>
   <AllowedMethod>POST</AllowedMethod>
   <AllowedMethod>DELETE</AllowedMethod>

   <AllowedHeader>*</AllowedHeader>
 </CORSRule>
</CORSConfiguration>