CORS policy issues

Hi there,

We are working on a Solid application and we are trying to manage .acl files in order to modify permissions. We have managed to modify a .acl file for some files but when working with .jpg files a CORS policy error arises. We do not understand if it is due to the extension or because any other thing. Speaking about the code itself, there are two methods modifyPermissionsRoute() and modifyPermissionsMedia() and both of them call at some point manageAcl() . The first method works perfectly fine but the second does not, and they both check if the files that are fetched have .acl and if it doesn’t it creates one and then adds the READ rule.

It seems like it is because we have to give controll permissions, but in that case, shouldn’t both cases fail?

Here I leave the error and the code

image1013×281 20.4 KB

I don’t think CORS is affected by content types and it looks like this one is due to a redirection.

IIRC the CORS spec originally required all redirects to be blocked but was changed as for same origin this makes no sense. However, I don’t think any browsers have caught up with the spec on this issue.

So if you can try without the redirection that might show if that’s the issue.

CORS is quite tricky IME when it gets in the way and very hard to understand from the documentation. It breaks a lot of things.

Nevermind, it was because a http and https confusion in the URL. I forgot to add the s. Thank you @happybeing for you comment though.