Retrieving initial image from firebasestorage triggers cors issue but not always

[alexeigs]

What is most confusing is the fact, that it doesn't block it always but just sometimes without me knowing what makes the difference.

<croppa
      v-model="imgData"
      @image-remove="onImageRemoved"
      @new-image-drawn="onNewImageDrawn"
      @move="onMove"
      @zoom="onZoom"
    >
    <!-- The next line is the ISSUE -->
      <img crossorigin="anonymous" :src="initialUrl" slot="initial" />
      <img crossorigin="anonymous" :src="placeholder" slot="placeholder" />
</croppa>

Error: Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://firebasestorage.googleapis.com/v0/b/[...] (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).

[iujlaki]

It's the same here, with Amazon S3 url. We set the CORS Rule for aws but sometimes we got this CORS header ‘Access-Control-Allow-Origin’ missing problem.