Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

Cross Origin Resource Sharing

Hi folks. This is Mike with RaviAnaYoga.

We're using AWS S3, Cloudfront and Elastic Transcoder for adaptive streaming and the player is working in both Flash and HTML5 formats, however I'm unclear as to exactly why it's working in HTML5 as I did not include any CORS configuration as per: http://support.jwplayer.com/customer/portal/articles/1403679-crossdomain-file-loading.

Would you please explain which file is supposed to have the CORS header and how it gets there?

2 Community Answers

ravianayoga

Best Answer 

Wait. I think I've answered my own question based on this tutorial: http://blog.celingest.com/en/2014/10/02/tutorial-using-cors-with-cloudfront-and-s3/.

It looks like at this point the S3 buckets start out with a CORS configuration file with a wildcard alloworigin configuration: <AllowedOrigin>*</AllowedOrigin>. At least the one with our streams does and I'm fairly sure I didn't put it there.

Just updated it to limit requests to our web domain: <AllowedOrigin>*our-site.com</AllowedOrigin>

View in conversation
Up Down

ravianayoga

Best Answer  User  
0 rated :

Wait. I think I've answered my own question based on this tutorial: http://blog.celingest.com/en/2014/10/02/tutorial-using-cors-with-cloudfront-and-s3/.

It looks like at this point the S3 buckets start out with a CORS configuration file with a wildcard alloworigin configuration: <AllowedOrigin>*</AllowedOrigin>. At least the one with our streams does and I'm fairly sure I didn't put it there.

Just updated it to limit requests to our web domain: <AllowedOrigin>*our-site.com</AllowedOrigin>

Up Down

mark

User  
1 rated :

CORS is a moot point if you are only delivering MP4 files to dektops. Its only when you want to deliver HLS to iOS or android devices that you will see a problem.

This question has received the maximum number of answers.