CORS Not Working - No ‘Access-Control-Allow-Origin’ Header

Hi, I’ve recently added CORS support to my Discourse, but it isn’t working. I have the below in my app.yml (also tried through the admin interface but no luck).


I’m receiving the error:

Access to XMLHttpRequest at ‘’ from origin ‘’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

This Discourse is set up through a Digital Ocean droplet. I’m wondering if there’s anything else I need to do to get this working.

Thank you.

Wait do you have HTTPS enabled on your discourse?