We are making a change to the default configuration of the cross-origin resource sharing (CORS) policies for DreamObjects. We’ve seen OPTIONS request traffic to your bucket so we wanted to ensure you are aware of the new configuration. These are typically sent if you’re uploading to DreamObjects from your site or are using a common resource, like fonts, stored within DreamObjects on your site.
DreamObjects was originally implemented with only a default CORS policy of the * wildcard, which permitted ANY origin to be used; no per-bucket CORS was originally available. As of October 1, 2015 we began supporting per-bucket CORS policies but left the wildcard policy in effect to prevent any disruption.
Starting February 1, 2016 we are removing the wildcard policy. From that date forward, if you require CORS functionality, you’ll need to configure a CORS policy on your bucket. We have documentation about CORS and instructions on configuring a policy on our wiki at http://wiki.dreamhost.com/DreamObjects_CORS
If you’ve got questions about any of this, or need help setting up a CORS policy of your own, please don’t hesitate to contact our tech support team. They’re standing by and ready to help! https://panel.dreamhost.com/?tree=support.msg