It took me way too long to figure out how to get S3 cors headers working, here are my notes.
- In the S3 interface, click the magnifying glass icon to the left of your bucket.
- Click the “Edit CORS Configuration” button. It should be right next to “Add Bucket Policy”
- You should already have a CORS XML file in here, if not mine looked like this :
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>*</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<MaxAgeSeconds>3000</MaxAgeSeconds>
</CORSRule>
</CORSConfiguration>
- This CORS header allows all websites to perform GET requests against this resource.
- To reference the file, you must use the url structure
[bucket].s3.amazonaws.com/[object]
- If using an img tag, it must contain the attribute
crossorigin="anonymous"
. Read more here.
Check out MDN for more information about CORS headers.
Posted toTechon7/5/2014