Cross-Origin Resource Sharing (CORS)
Cross-origin resource sharing (CORS) is a mechanism that allows some resources to be requested from another domain. This is usually the case for your application’s assets such as fonts or images you download from a CDN. If not configured properly, you might have errors downloading these assets.
On this documentation page, I will call CDN the server where your assets are stored and my-app your application hosted on Scalingo.
On the CDN Side
The CDN must respond with the
Access-Control-Allow-Origin header. The value associated to this
header must be either a wildcard (
*) or the domain name of your application (e.g.
On your application side
On your application side, you should include the
Origin header with your domain name in it. Here
is how to do it with various languages:
- Ruby: use a gem such as
- Node.js/Express: use a npm module such as
- Go: various middlewares exist depending on the web framework you use: this one for the Gin framework, or that one for Martini. You can also have a look at this one which works on top of the standard library.