Cross Origin headers for assets

Silverstripe Version:
I need to enable cross origin access to image files in the public/assets folder. I can do this with the .htaccess file but this gets overwritten on dev/build.

Is there a more stable way? I have an editor frontend on a separate subdomain which needs to be able to request and render images from the main site which involves CORS complications.

The htaccess does get rebuilt on every build, but it’s built from a template you can override. That way you can still make changes to the way it works.

The core template file can be found at: /vendor/silverstripe/assets/templates/SilverStripe/Assets/Flysystem/

You can put a copy of this in your own templates directory, using the same path and make any changes you like. ie (templates/SilverStripe/Assets/Flysystem/

Don’t forget to run a dev/build?flush for this to kick in.

Just a note that the full directory path is:


@Tim - doh! I fixed the apps to app.

1 Like

Doesn’t have to be. It depends how you have the site configued in terms of themes / templates. You can put it within your current theme if you don’t want to have two sources of templates. (Also, I’m guessing that should be /app/templates... rather than /apps)