Digital Ocean Spaces S3: Is it possible to add access-control-allow-origin: * to all requests?

amazon-s3 cors cloud digital-ocean

If you curl my image 

curl -i https://local-spaces.fra1.digitaloceanspaces.com/test.jpg

you will see that there is no Access-Control-Allow-Origin header in the response.

If you curl like this, the header is set:

curl -H "Origin: http://example.com/" -i https://local-spaces.fra1.digitaloceanspaces.com/test.jpg

Now I wonder, because all big CDN pages always set the Access-Control-Allow-Origin: *, even when Sec-Fetch-Mode: no-cors.

To test it, do this:

curl -i https://scontent.cdninstagram.com/vp/02a788f9e7f55880601ed240a0e3142a/5E29CBDE/t51.2885-15/sh0.08/e35/s640x640/72271766_155986088835033_6677460235579468035_n.jpg\?_nc_ht\=scontent.cdninstagram.com

or

curl -i https://loremflickr.com/480/640/girl,boy,man,men,woman\?lock\=4446

The support reached out to me:

At the moment, there isn't any way to force this. Without an Origin set, the header will not be served. It is possible to use a proxy service, however that may not be the best fit for most use cases.

Related

Why are binlogs on by default in MySQL 8 and will they be deleted automatically?
How to manually trigger an update of /etc/hosts in WSL? [closed]
Sending image to repository not working
Speed up CIFS remote file shares
Tape capacity and backup routine in Linux
How should i write the yaml file for use in ansible variable?
Application works locally, but fails with 502 in cloud run - "upstream connect error or disconnect/reset before headers. reset reason: protocol error"
Vmware Esxi - Old 32bit software performance issue on multi core
weird behaviour in a Windows 2019 .BAT script
Downloading a file using Windows CMD line with curl/wget
Confused about how to manipulate GCS bucket/object permissions
How to avoid passing parameters everywhere in play2?