• Login to Amazon S3 Console: https://console.aws.amazon.com/s3/home.
  • Locate your bucket, click on the same. On clicking, the right pane will show properties for that bucket. Expand Permissions, Click "Edit CORS Configuration" and update CORS to allow force.com.
  • Add following JSON snippet 
  • [
      {
        "AllowedHeaders": [
          "*"
        ],
        "AllowedMethods": [
          "PUT",
          "POST",
          "DELETE"
        ],
        "AllowedOrigins": [
          "*.force.com"
        ],
        "ExposeHeaders": [
          "ETag"
        ]
      },
      {
        "AllowedHeaders": [
          "*"
        ],
        "AllowedMethods": [
          "PUT",
          "POST",
          "DELETE"
        ],
        "AllowedOrigins": [
          "*.visualforce.com"
        ],
        "ExposeHeaders": [
          "ETag"
        ]
      },
      {
        "AllowedHeaders": [],
        "AllowedMethods": [
          "GET"
        ],
        "AllowedOrigins": [
          "*"
        ],
        "ExposeHeaders": [
          "ETag"
        ]
      }
    ]

    Or you can add in the following XML format

  • <?xml version="1.0" encoding="UTF-8"?>
    <CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
       <CORSRule>
          <AllowedOrigin>*.force.com</AllowedOrigin>
          <AllowedOrigin>*.visualforce.com</AllowedOrigin>
          <AllowedMethod>PUT</AllowedMethod>
          <AllowedMethod>POST</AllowedMethod>
          <AllowedMethod>DELETE</AllowedMethod>
          <AllowedMethod>GET</AllowedMethod>
          <ExposeHeader>ETag</ExposeHeader>
          <ExposeHeader>x-amz-meta-custom-header</ExposeHeader>
          <AllowedHeader>*</AllowedHeader>
       </CORSRule>
    </CORSConfiguration>


  • For more info click here