CORS on DigitalOcean Spaces
DigitalOcean Spaces is S3-compatible, but the dashboard UI for CORS is form-based rather than JSON-paste. You add one rule at a time.
Apply the policy
Section titled “Apply the policy”-
Sign into the DigitalOcean Cloud at cloud.digitalocean.com.
-
Click Spaces Object Storage in the left sidebar, then click your Space name.
-
Click the “Settings” tab for the Space.
-
Scroll to “CORS Configurations” and click Add.
-
Fill in the form with these values:
Field Value Origin https://studio.relyn.appAllowed Methods GET,PUT,HEAD,POST,DELETE(tick all five)Allowed Headers *Access Control Max Age 3600 -
Save the rule. Add a second rule with Origin
http://localhost:5173if you work on Relyn locally; otherwise skip. -
Back in Relyn, open the bucket and click Diagnose to confirm.
Why DO uses a form instead of JSON
Section titled “Why DO uses a form instead of JSON”The S3 API itself is the same, but the DO dashboard surfaces CORS as discrete rules in a UI. Under the hood it’s still the same CORS policy you’d see on AWS or R2; DO just hides the JSON.
If you prefer the JSON shape (e.g. for s3cmd, aws-cli pointed at DO,
or Terraform), the AWS CLI form works against the DO endpoint:
aws s3api put-bucket-cors \ --endpoint-url https://nyc3.digitaloceanspaces.com \ --bucket YOUR_SPACE \ --cors-configuration '{ "CORSRules": [ { ... } ] }'Use the regional endpoint matching your Space (fra1, sgp1, etc.).