+ Start a Discussion
Chirag MehtaChirag Mehta 

CORS Error for a CNAME'd URL

Lets say I've a Force.com Site page https://ms.satrangtech.com/file?id=XXXX that is a CNAME mask for https://satrangtech.secure.force.com/file?id=XXX. 

On this page, when the user clicks the delete icon next to a file, the file should be deleted from Salesforce via a method on this page. The method works fine, when this page shows as satrangtech.secure.force.com but it does not work (and throws CORS error) when the page shows as ms.satrangtech.com.

> Failed to load https://satrangtech.secure.force.com/file?id=XXXX: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://ms.satrangtech.com' is therefore not allowed access.

I've already added CORS in Salesforce set-up for https://*.satrangtech.com