No 'Access-Control-Allow-Origin' header is present on the requested resource with Django digitalocean Spaces

Question

My Django website is hosting in digitalocean ubuntu 16.04 with Nginx.

I have setup digitalocean CORS Configurations as here https://www.digitalocean.com/docs/spaces/how-to/cors/ I added my domian name in the 'origin',checked all the options in 'Allowed Methods',the only thing I haven't done is add headers in 'Alowed Headers' because I have no idea what to add.

When I use digitalocean Spaces(a service based on and very similar as Amazon S3) as my static and media file storage.There is No 'Access-Control-Allow-Origin' header is present on the requested resource error:

Access to Font at 'https://nyc3.digitaloceanspaces.com/kjmgstorage/kjmgstorage/fonts/fontawesome-webfont.woff2?v=4.7.0' from origin 'https://kjmg.co' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://kjmg.co' is therefore not allowed access.

I tried to use django-cors-headers,but I received:

502 Bad Gateway nginx/1.10.3 (Ubuntu)

So had to uninstalled it.

Any friend have any idea?Thank you so much!

Answer 1

You need to setup CORS at Digital ocean, not on your website. Check this: digitalocean.com/docs/spaces/how-to/cors

Answer 2

This is a pretty old question. But answering it cause someone may find it useful.

I have faced the same issue. First of all, if you are using DO (Digital Ocean) space you need to set the CORS header options to DO space, not in the django app.

You need to open the settings of DO space and go to CORS Configuration.

Then add Access-Control-Allow-Origin in the Allowed header section

Then give the Access Control Max Age value to 600 seconds, this means the browser will cache the CORS header info for 10 mins.

Finally don't forget to clear the cache from DO spcae's edge server if you are using CDN by clicking the purge cache button in settings otherwise you will waste a lot of time like me.