Overview
Get started
Framework guides
Deploy a Blazor Site
Deploy a Brunch site
Deploy a Docusaurus site
Deploy a Gatsby site
Deploy a Gridsome site
Deploy a Hexo site
Deploy a Hono site
Deploy a Hugo site
Deploy a Jekyll site
Deploy a Next.js site
Deploy a Nuxt site
Deploy a Pelican site
Deploy a Preact site
Deploy a Qwik site
Deploy a React site
Deploy a Remix site
Deploy a Solid site
Deploy a Sphinx site
Deploy a Svelte site
Deploy a Vite 3 site
Deploy a Vue site
Deploy a Vuepress site
Deploy a Zola site
Deploy an Angular site
Deploy an Astro site
Deploy an Elder.js site
Deploy an Eleventy site
Deploy an Ember site
Deploy an Mkdocs site
Deploying your site
How to
Add a custom domain to a branch
Add custom HTTP headers
Deploy a static WordPress site
Handle redirects with Bulk Redirects
Install private packages
Preview Local Projects with Cloudflare Tunnel
Redirecting www to domain apex
Refactor a Worker to a Pages Function
Set build commands per branch
Use Direct Upload with continuous integration
Use Pages Functions for A/B testing
Tutorials
Add a React form with Formspree
Add an HTML form with Formspree
Build a blog using Nuxt.js and Sanity.io on Cloudflare Pages
Build an API for your front end using Cloudflare Workers
Create an HTML form
Migration guides
Migrating a Jekyll-based site from GitHub Pages
Migrating from Firebase
Migrating from Netlify to Pages
Migrating from Vercel to Pages
Migrating from Workers Sites to Pages
Platform
Branch build controls
Build configuration
Changelog
Custom domains
Debugging Pages
Deploy Hooks
Direct Uploads
Early Hints
Functions
Get started
Routing
API reference
Examples
A/B testing with middleware
Adding CORS headers
Middleware
Local development
Bindings
TypeScript
Advanced mode
Pages Plugins
Cloudflare Access
Google Chat
GraphQL
hCaptcha
Honeycomb
MailChannels
Sentry
Static Forms
Stytch
Community Plugins
vercel/og
Metrics
Debugging and logging
Pricing
Module support
Git integration
Headers
Known issues
Limits
Preview deployments
Redirects
REST API
Rollbacks
Serving Pages

Adding CORS headers

A Pages Functions for appending CORS headers.

This example is a snippet from our Cloudflare Pages Template repo.

/functions/_middleware.js// Respond to OPTIONS method
export const onRequestOptions: PagesFunction = async () => {  return new Response(null, {    status: 204,    headers: {      'Access-Control-Allow-Origin': '*',      'Access-Control-Allow-Headers': '*',      'Access-Control-Allow-Methods': 'GET, OPTIONS',      'Access-Control-Max-Age': '86400',    },  });
};

// Set CORS to all /api responses
export const onRequest: PagesFunction = async ({ next }) => {  const response = await next();  response.headers.set('Access-Control-Allow-Origin', '*');  response.headers.set('Access-Control-Max-Age', '86400');  return response;
};