CORS error with THREE.js and S3 in Chrome & Safari

Question

I'm having an issue loading an S3 hosted JPG into my three.js model as a texture. I got a CORS error in Chrome, realised S3 supports CORS and put in a very liberal policy to check it out during development (I've never run into CORS before). Firefox is fine but Chrome and Safari still error out.

The JPG is loaded into a texture via THREE.ImageUtils.loadTexture() and then that texture is applied to a material.

I tried adding the following to the image before loading but it didn't seem to work:

img.crossOrigin = '';

The current CORS policy I have is wide open:

<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
    <CORSRule>
        <AllowedOrigin>*</AllowedOrigin>
        <AllowedMethod>GET</AllowedMethod>
        <AllowedMethod>PUT</AllowedMethod>
        <AllowedMethod>POST</AllowedMethod>
        <AllowedMethod>HEAD</AllowedMethod>
        <AllowedMethod>DELETE</AllowedMethod>
    </CORSRule>
</CORSConfiguration>

Chrome's error is

38 Cross-origin image load denied by Cross-Origin Resource Sharing policy.

Can anyone give me any tips on this please?

UPDATE:

So it turns out that I just wasn't setting img.crossOrigin early enough in the code for it to be useful. Stupid mistake :(

The AllowHeader tips are useful though, thanks!

Answer 1

Try adding Content- in the header.

<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
  <CORSRule>
    <AllowedOrigin>*</AllowedOrigin>
    <AllowedMethod>GET</AllowedMethod>
    <AllowedHeader>Content-*</AllowedHeader>
    <AllowedHeader>Host</AllowedHeader>
  </CORSRule>
</CORSConfiguration>