CORS header ‘Access-Control-Allow-Origin’ missing
<?xml version="1.0" encoding="UTF-8"?> <CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <CORSRule> <AllowedOrigin>*</AllowedOrigin> <AllowedMethod>GET</AllowedMethod> <MaxAgeSeconds>3000</MaxAgeSeconds> <AllowedHeader>Authorization</AllowedHeader> </CORSRule> <CORSRule> <AllowedOrigin>*</AllowedOrigin> <AllowedMethod>PUT</AllowedMethod> <AllowedMethod>POST</AllowedMethod> <MaxAgeSeconds>3000</MaxAgeSeconds> <AllowedHeader>*</AllowedHeader> </CORSRule> </CORSConfiguration>
https://stackoverflow.com/a/49393255/1399891
https://stackoverflow.com/questions/45281858/amazon-s3-cloudfront-cors-issue
Cloudfront Distributions > Behaviors > Edit >
Allow Http Method > GET, HEAD, OPTIONS
Cache Based on Selected Request Headers > Whitelist
Whitelist Headers >
Access-Control-Request-Headers Access-Control-Request-Method Origin