Getting access-control-allow-origin as * in AEM cloud publisher domain | Community
Skip to main content
M
mukeshsingh
March 27, 2022

Getting access-control-allow-origin as * in AEM cloud publisher domain

  • March 27, 2022
  • 1 reply
  • 1581 views

we are in process of migration of project from AMS to cloud in AEM.

while security review , we are getting access-control-allow-origin: * , while accessing the content/dam images, which is a high security issue.

we are not setting this in our dispatcher, but we are still getting this.

Do we have any solution for this.

Guessing is it coming from the internal Fastly's CDN?

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.

1 reply

Himanshu_Jain
Community Advisor
Himanshu_JainCommunity Advisor
Community Advisor
March 28, 2022

Are you using connected assets ? If yes then take a look 

https://experienceleague.adobe.com/docs/experience-manager-cloud-service/content/assets/admin/use-assets-across-connected-assets-instances.html?lang=en#configure-a-connection-between-sites-and-assets-deployments

 

 

Himanshu Jain
    M
    mukeshsinghAuthor
    March 28, 2022

    No we are not using connected assets.

    These are simple assets in publish which we are trying to access via publish domain in cloud and getting access-control-allow-origin: *

      Himanshu_Jain
      Community Advisor
      Himanshu_JainCommunity Advisor
      Community Advisor
      March 4, 2024

      Any solutions for this, to control allowed origins?


      Do you have any custom servlet where you are defining the header ? 

       

      Thanks

       

      Himanshu Jain
      Terms & ConditionsAccessibility statement

      Loading footer...