R2 CORS policy not working for localhost in last few days

ackondro · December 2, 2022, 9:39am

I have a CORS policy set on a R2 bucket that is mapped to a custom domain. It has been working fine for the last few weeks with no issues. It hosts static json content that is used across multiple domains.

The Allowed Origins is set to several domains, mostly https production domains, but there is a http localhost entry for development. In the last day or two, R2 is no longer setting the allowed origin correctly for the development record.

Anybody else seen this? The CORS policy hasn’t been changed for a week or two, but the problem started showing up in the last day or two?

ackondro · December 15, 2022, 7:38am

After more research, it seems that something is caching the Access-Control-Allow-Origin response, seemingly on Cloudflare’s side. I’m seeing the Vary: Origin header on the request, but Cloudflare is responding with the wrong domain for Allowed-Origin. It seems like Vercel has/had a similar problem.

system · December 30, 2022, 7:39am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
CORS issue with R2 ( calling from localhost ) API	1	136	January 12, 2025
R2 CORS help Storage	0	738	November 3, 2023
R2 CORS stopped working for me Storage	2	1475	October 28, 2023
Problem with settings CORS policies on R2 Storage	69	18327	January 5, 2025
Tunnel CORS failure with r2 presigned url Cloudflare Tunnel	0	971	April 18, 2023

R2 CORS policy not working for localhost in last few days

Related topics