Troubleshooting CORS Issues
When you are accessing buckets set with the CORS configuration, if you encounter unexpected behavior the following are some troubleshooting actions you can take:
Verify that the CORS configuration is set on the bucket.
For instructions, go to Editing Bucket Permissions in the Amazon Simple Storage Service Console User Guide. If you have the CORS configuration set, the console displays an Edit CORS Configuration link in the Permissions section of the Properties bucket.
Capture the complete request and response using a tool of your choice. For each request Amazon S3 receives, there must exist one CORS rule matching the data in your request, as follows:
Verify the request has the Origin header.
If the header is missing, Amazon S3 does not treat the request as a cross-origin request and does not send CORS response headers back in the response.
Verify that the Origin header in your request matches at least one of the
AllowedOriginelements in the specific
The scheme, the host, and the port values in the Origin request header must match the
CORSRule. For example, if you set the
CORSRuleto allow the origin
http://www.example.com, then both
http://www.example.com:80origins in your request do not match the allowed origin in your configuration.
Verify that the Method in your request (or the method specified in the
Access-Control-Request-Methodin case of a preflight request) is one of the
AllowedMethodelements in the same
For a preflight request, if the request includes an
Access-Control-Request-Headersheader, verify that the
AllowedHeaderentries for each value in the