-1

Just faced an issue with the Access-Control-Allow-Origin CORS policy.

I load a link https://kiszo.net/wp-content/uploads/2021/03/14-1-scaled-e1616096596896.jpg

In postman i can see that there is an Access-Control-Allow-Origin header set to *

enter image description here

But nevertheless i cannot use this image on any other domain in an img tag, because i get a 403 error.

I always get a 403 and no Access-Control-Allow-Origin header

enter image description here

Its a CORS policy issue or something else?

sideshowbarker
  • 81,827
  • 26
  • 193
  • 197
Kovács Gergely
  • 73
  • 1
  • 10

1 Answers1

-1

So the issue was with the Cloudflare Hotlink Prevention: https://kiszo.net/wp-content/uploads/2020/12/szijjarto-1.jpg

I tried to change the Referer header, but that is impossible

For me this worked: try diabling Cloudflare Hotlink Prevention, and check the pageurl in the Cloudflare Dashboard also.

Kovács Gergely
  • 73
  • 1
  • 10