We moved this page to our Documentation Portal. You can find the latest updates here. |
Amazon S3 selectively sends CORS response headers, based on the request headers. So if by chance a browser requests the URL without CORS request header, then the edge server will cache the response from Amazon S3, which does not have CORS header.
This can be worked around by using one of these HTTP Rules:
- Fake a CORS request to Amazon S3:
- Condition: Default
- Action 1: Set request header to origin "Origin", value "origindomain.com"
- Action 2: Set request header to origin "Access-Control-Request-Method", value "GET"
- Or, send a CORS response to the client
- Condition: Default
- Action 1: Set response header to client "Access-Control-Allow-Origin", value "*"
- Action 2: Set response header to client "Access-Control-Allow-Methods", value "GET"
- Action 3: Set response header to client "Access-Control-Max-Age", value "3000"