I have a WordPress multisite install that uses Trellis and Bedrock at https://api.harnessup.com (example subsite URLs: https://demo.api.harnessup.com, https://esfox.api.harnessup.com, etc.).
I also have a client-side JS apps for each of our clients that interact with the corresponding WP backend subsite via WPGraphQL (example URLs: https://demo.harnessup.com, https://esfox.harnessup.com, etc.)
From our frontend JS app, we need to be able to download image files from the WP
/uploads directory and load them into a client-side image manipulation library that we use.
Currently though, attempts to do that result in a CORS error stating
No 'Access-Control-Allow-Origin' header is present on the requested resource. This screenshot illustrates the issue: https://cloudup.com/cexLAQIZ6EZ
If someone could tell me now to add that CORS header so that assets within the
/uploads directory can be downloaded, I would appreciate it. I haven’t been able to find documentation/examples. Do I need to add it in
roles/wordpress-setup/templates/wordpress-site.conf.j2, somewhere, perhaps?
Please note that WPGraphQL already sets the header to
'Access-Control-Allow-Origin' => '*' in this file: https://github.com/wp-graphql/wp-graphql/blob/develop/src/Router.php#L274-L283. So I already have that set for all requests that involve WordPress executing – it’s just not set for requests for assets in the