Setting up CORS

When loading remote data into Foxglove Studio for playback and analysis, we recommend hosting your files in a cloud provider like Amazon Simple Storage Service (S3), Google Cloud Storage (GCS), or Azure Storage. You can also host files on your own server, but it may be difficult and time-consuming to set up support for Cross-Origin Resource Sharing (CORS) and range requests.

If your data is sensitive, generate and use a signed URL – make sure that you point to the resource directly, as redirects will not work with CORS:

This signed URL will work for a limited period of time, and you can set up your server to only sign URLs for authenticated users.

Finally, set up your CORS configuration. Below is an example of a Terraform config for an S3 bucket (documentation here):

cors_rule {
  allowed_methods = ["GET", "HEAD", "OPTIONS"]
  allowed_origins = ["https://studio.foxglove.dev"]
  allowed_headers = ["*"]
  expose_headers = ["ETag", "Content-Type", "Accept-Ranges", "Content-Length"]
}

And a Terraform config for a GCS bucket (documentation here):

cors {
  origin = ["https://studio.foxglove.dev"]
  method = ["GET", "HEAD", "OPTIONS"]
  response_header = ["ETag", "Content-Type", "Accept-Ranges", "Content-Length"]
}