ks888
commented
5 years ago The access to https://xxxxxxxxxx.cloudfront.net/api/settings should be handled by the API gateway. Not S3. It looks like the setting of CloudFront is strange. Can you share the Behaviors part of your CloudFront distribution?
Access to fetch at 'https://xxxxxxxxxx.cloudfront.net/api/settings' from origin 'https://statuspage-adminpages3-xxxxxxxxxx.s3.us-east-2.amazonaws.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.Google Chrome 76 additionally gives the following error:
app.f59f09737709f6fb9b09.js:9 Cross-Origin Read Blocking (CORB) blocked cross-origin response https://d1nr3v26vodwhc.cloudfront.net/api/settings with MIME type text/html. See https://www.chromestatus.com/feature/5629709824032768 for more details.