Prevent Access-Allow-Origin despite CORS configuration
I am trying to load static assets (specifically CSS) from Amazon S3 server and am having CORS issues. My SOS CORS config looks like this:
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration>
<CORSRule>
<AllowedOrigin>https://my.site.com</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<AllowedMethod>POST</AllowedMethod>
<AllowedMethod>PUT</AllowedMethod>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>
I was under the impression that this would give me the green light and it works in Chrome and Mozilla, but in Safari I still get fear:
[Error] XMLHttpRequest cannot load https://my.static/files.css. Origin https://my.site.com is not allowed by Access-Control-Allow-Origin.
Are there any other required configurations that I am missing? Is this a Safari issue that I cannot fix? On a semi-dependent note, is an S3 reboot required to change the CORS configuration?
I read Understanding XMLHttpRequests Over CORS (responseText) and How the Access-Control-Allow-Origin header works , but these reference CORS configuration modifications I believe I have already made.
+3
source to share
No one has answered this question yet
See similar questions:
or similar: