I added the following statements in our app.yml
DISCOURSE_ENABLE_CORS: true DISCOURSE_CORS_ORIGIN: '*'
Temporarily set ‘*’ to eliminate variables while testing. I have also attempted setting urls explicitly to no avail.
However, despite the above, we still get
No ‘Access-Control-Allow-Origin’ header is present on the requested resource.
Context: We have a unity based iOS client that interfaces with some discourse APIS and for testing we use WebGL. And we face this issue when testing on our browsers running WebGL specifically.
I am also observing from postman tests that all requests have a ‘strict-origin-when-cross-origin’ Referrer-Policy in the response headers.
Any help is appreciated. Thank you!