Bug report: After initial Access policy creation, changes to CORS settings don't populate

We are using Cloudflare Access and require CORS settings. In two different Cloudflare accounts we have experienced the same issue:

When we try to adjust CORS settings (e.g. Access-Control-Allow-Credentials/Origin/Methods/Headers), the changes are reflected in the user interface.

However, we never observed any changes in Access’s behavior, i.e. the CORS headers of Cloudflare’s servers.

We always had to delete the entire Access Policy and create it from scratch with the desired changed CORS settings.

This topic was automatically closed after 14 days. New replies are no longer allowed.