we are in process of migration of project from AMS to cloud in AEM.
while security review , we are getting access-control-allow-origin: * , while accessing the content/dam images, which is a high security issue.
we are not setting this in our dispatcher, but we are still getting this.
Do we have any solution for this.
Guessing is it coming from the internal Fastly's CDN?
Views
Replies
Total Likes
Are you using connected assets ? If yes then take a look
No we are not using connected assets.
These are simple assets in publish which we are trying to access via publish domain in cloud and getting access-control-allow-origin: *
Can you share the log snippet from console as well as error log from publisher.
Any solutions for this, to control allowed origins?
Views
Replies
Total Likes
Do you have any custom servlet where you are defining the header ?
Thanks
Views
Replies
Total Likes
No Servlet changes, its coming automatically on Assets/images.
Views
Replies
Total Likes
Check /clientheader config in aem dispatcher .
Thanks
Views
Replies
Total Likes
Views
Likes
Replies