Access to image blocked due to CORS in option set... but not in database?

I’m adding a feature to one of my plugins where users can add their own logo to a PDF header.

To test it out, I saved down an image to an option set. When I try to access this image in the option set I get the following error in the console:

However, if I save the image down to my database and search for it there, no such issue arises.

Any idea why CORS might be blocking accessing images in option sets but not images saved to the database?


Try CORS Light. It might work better.


I don’t think it’s related to option sets per se. What I can say based on your screenshot is that the frame_ant.js script (which resides at your app’s domain) is attempting to send an Ajax request to the Bubble CDN domain (where the image resides). That, by definition, is a cross-origin request and would trigger such an error.

One explanation for why it doesn’t occur for an image pulled from the DB is if the image field is protected by privacy rules. In that case, even though the image is hosted on AWS, it can only be accessed via a Bubble-generated URL which shares the same origin (domain) as your app. So, in that case, it would be the same origin and thus no error.

Anyway, that’s my best hypothesis given the info available. :slightly_smiling_face:


if the image field is protected by privacy rules

Actually, what I meant was if the image is “private” - i.e. was attached to something when it was uploaded.

1 Like

Hey BUD, you might be thinking of another word which has an additional “O”. :smirk:


Interesting. Thanks for that @sudsy - I suspect you may be correct. I’ll do some further reading/investigating and report back if I figure it out fully :slight_smile:

FWIW, a “private” upload will have a value in the Attached to column in the File manager. Also, the URL will look something like…