Menu
So I have cors setup on my AWS S3 bucket:
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>*</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
</CORSRule>
</CORSConfiguration>
In my html
<div id="explain_canvas"></div>
In my javascript I am loading an image and placing it into a canvas image.
var outlineImage = new Image();
outlineImage.crossOrigin = '';
outlineImage.src = drawing_image;
outlineImage.onload = function() {
var canvasDiv = document.getElementById('explain_canvas');
var canvas = document.createElement('canvas');
canvas.setAttribute('width', 722);
canvas.setAttribute('height', 170);
canvas.setAttribute('id', 'canvas_'+canvas_element);
canvas.setAttribute('name', 'canvas_'+canvas_element);
canvasDiv.appendChild(canvas);
if(typeof G_vmlCanvasManager != 'undefined') {
canvas = G_vmlCanvasManager.initElement(canvas);
}
var context = canvas.getContext("2d");
context.drawImage(outlineImage, 10, 10, 600, 150);
}
I am loading the context like that to be compatible with internet explorer.
Here is my problem. When the page loads the first two times, it comes up with this error:
Cross-origin image load denied by Cross-Origin Resource Sharing policy.
However, when I reload the page a couple times, it will eventually work and load the image. Once it is done, I am able to successfully call toDataURL() on the canvas element.
Does anyone know why this happens? Have I made a mistake? Is it an issue with AWS and I'll just have to wait for Amazon to fix the cors?
It is happening in all browsers I have tested. In Chrome, Firefox, Safari, IE. On my Mac, PC, and iPhone. So I don't think it is browser related. Also, it happens locally and in production.
Thanks!
922
I keep useCORS set to true though to allow images from another source. In order to solve this I set up CORS on my AWS S3 bucket, but that didn't seem to work (or it worked partially). I noticed that the response header of those images don't have CORS metadata when the plugin uses them to generate the jpeg.
A CORS configuration is a document that defines rules that identify the origins that you will allow to access your bucket, the operations (HTTP methods) supported for each origin, and other operation-specific information. In the S3 console, the CORS configuration must be a JSON document.
You can use the AWS SDK to manage cross-origin resource sharing (CORS) for a bucket. For more information about CORS, see Using cross-origin resource sharing (CORS). Creates a CORS configuration and sets the configuration on a bucket To set a CORS configuration on your bucket, you can use the AWS Management Console.
Open the console in your browser devtools. Chose an image url from a different host that has CORS specifications. It's important to be from a different host, and to not return the Access-Control-Allow-Origin: * header, so we can trigger the CORS check. This happens for almost all of the s3-hosted images.
Apparently the browsers are not sending an origin header in the request headers. And aws requires the origin be sent. I'm not sure why this would be the case. The origin header should get sent even with a simple HTTP request. Alas, it is not.
And here is the reason why the origin head was not getting sent.
157
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
