Hi, I’ve added
Access-Control-Allow-Origin = "*" to a few asset folders on our site (id: mdsite) but they simply refuses to get set. Other headers gets applied correctly, but no this one … the one for
/fonts/* which I added a long time back, seems to work though. On a test netlify account pointing to another branch of the same repo, I also tried setting it in a
_headers file, but no success with that either … the netlify.toml gets read correctly according to the build logs. Clear cache + build doesn’t help either. How can I fix this?
[[headers]] for = "/*" [headers.values] Referrer-Policy = "same-origin" X-Content-Type-Options = "nosniff" X-Frame-Options = "DENY" X-XSS-Protection = "1; mode=block" [[headers]] for = "/data/*" [headers.values] Access-Control-Allow-Origin = "*" [[headers]] for = "/fonts/*" [headers.values] Access-Control-Allow-Origin = "*"