How do I get around this "Access-Control-Allow-Origin" error when enacting a CORS Policy?

Linode Staff

I was following this guide on setting up Cross-Origin Resource Sharing and am getting an error that reads:

No 'Access-Control-Allow-Origin' header is present on the requested resource'

I set the entire bucket policy to include a wildcard "allow" rule for this though:


Does anyone have any thoughts?

2 Replies


Sorry that you are having trouble getting your CORS policy to work right. It looks like this is a pretty common, and frustrating, error.

I'm no CORS wizard but I did find some resources that may be helpful here:

The below article from Medium goes into detail on this error, they go over the root cause and how to work around it:

You may also want to check out the official AWS S3 Documentation, as Object Storage is S3 compatible a lot of this will be applicable here (and they have a troubleshooting guide):

After digging further I also found this StackOverflow thread that discusses the problem with a number of answers that may help you work towards a solution:

Hopefully that gets you headed in the right direction. If anyone in the Community has more experience while trying to enable CORS your input would be really appreciated!

I got the same error and the fix was to ensure that the correct method or "action" was allowed on the bucket. I had mistakenly added "PUT" to the allowed methods for the bucket but I needed to add "POST" for my application.

I also found I needed to explicitly expose the 'access-control-allow-origin' header when I set the CORS policy for the bucket (ExposeHeader).


Please enter an answer

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct