CORS error deleting file from bucket

Access to XMLHttpRequest at 'https://localhost.localstack.cloud:4566/bucket?delete' from origin 'https://app.localstack.cloud' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Running via the command line with localstack start The file still deletes but this prevents any bucket events like s3:ObjectRemoved from firing.

DISABLE_CUSTOM_CORS_S3 = 1 localstack start gets rid of the error but deleting objects via the app still doesn’t trigger the object removed event. Doing it from the CLI works as expected.

Hello @bluewave41

Could you share which version of LocalStack are you using?
Using DeleteObjects didn’t trigger S3 notifications before LocalStack v2.

1.4. Updating to 2.0.1 still shows the network failure but files don’t delete anymore.

I’m not super familiar with AWS but this seems to be related to my CORS policy.

resource "aws_s3_bucket_cors_configuration" "content" {
  bucket = aws_s3_bucket.content.bucket

  cors_rule {
    allowed_headers = ["*"]
    allowed_methods = [
      "GET",
      "HEAD",
      "PUT",
      "DELETE"
    ]
    allowed_origins = [
      "*",
      "http://localhost:5173",
      "https://app.localstack.cloud"
    ]
    expose_headers  = []
    max_age_seconds = 0
  }
}

I feel like this should work given the error present but doesn’t. I can put files to the bucket just fine but deleting them fails.

Hi! DeleteObjects is actually a POST request, that might be why it fails. Could you try adding it and see if that solves your issue? Thanks a lot for adding the CORS policy, that helps a lot!

Yeah that fixes it. I was so sure that I’d already given every method access that I never even questioned it. :frowning:

Thank you very much.

Awesome, I’m glad it did! Thanks for the feedback.

1 Like