When using the Cloudinary Upload API, CORS errors may occur when making a server-side request directly from the browser to the Cloudinary API endpoint.
This may also happen when accessing your web application via a localhost URL instead of a fully qualified domain name.
CORS errors occur when you try to upload a file to Cloudinary directly from a browser using JavaScript. The request is considered "cross-origin," as your website domain differs from the Cloudinary API domain.
Cloudinary typically requires authenticated uploads to prevent unauthorized users from uploading files to your account, though unsigned uploads are also supported in some cases: https://cloudinary.com/documentation/upload_images#unauthenticated_requests
It is best practice to route your Cloudinary upload requests through a backend server (for example, an application written in Node.js or Python). The backend server will generate a signature using your Cloudinary credentials, ensuring secure and authenticated uploads.
Uploads directly from frontend code must either use a signature created by a secure backend, or can be unsigned uploads made using an unsigned Upload Preset.
For more information about configuring an upload request using the Upload API, please refer to: https://cloudinary.com/documentation/image_upload_api_reference#upload_required_parameters
Comments
0 comments
Please sign in to leave a comment.