I'm using a python app in the Swisscom Application Cloud based on Cloudfoundry. The app creates txt and js files which are stored in s3 (dynstrg) to ensure availability.
I'm trying to load the data of these files async, but I get a "XHTMLRequest cannot load" error as the headers "Allow-Control-Allow-Origin" are not set and are on a different host. S3 is on sth like https://ds31s3.swisscom.com/... the app on https://.scapp-corp.swisscom.com/
Is there a way I can set these headers for the dynstrg service somehow in the manifest.yml or alike?
When serving files directly from S3 to the browser (without interaction from a backend app), you would normally set CORS settings on S3 buckets: http://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html#how-do-i-enable-cors
Unfortunately, Swisscom's dynstrg service is based on Atmos which does not offer setting CORS settings (and EMC does also not plan to implement this, as was told us).
To work around this, I suggest you implement an endpoint in your python app that serves the txt and js files by fetching them from Atmos. This comes with a performance penalty, but will solve your CORS issue.