Amazon S3 CORS Configuration for Django Heroku Deployment
Post header photo

CORS (Cross-Origin Resource Sharing) will allow your application to access content in the S3 bucket. Each rule should specify a set of domains from which access to the bucket is granted and also the methods and headers permitted from those domains. <?xml version="1.0" encoding="UTF-8"?> <CORSConfiguration xmlns=""> <CORSRule> <AllowedOrigin>*</AllowedOrigin> <AllowedMethod>GET</AllowedMethod> <AllowedMethod>POST</AllowedMethod> <AllowedMethod>PUT</AllowedMethod> <AllowedHeader>*</AllowedHeader> </CORSRule> </CORSConfiguration> This tells S3 to allow any domain access to the bucket and that requests can contain any headers. For security, you can change the 'AllowedOrigin’ to only accept requests from your domain.