Overview
Direct browser requests to UNESCO's CDN are blocked by CORS/CORP restrictions in certain environments.
This epic routes all image fetches through our own Laravel backend, eliminating browser-level security constraints entirely.
Sub-issues (all must be closed to consider this done)
Completion definition
All five sub-issues are closed and images render without errors in production.
Background
The browser enforces CORS and CORP policies when fetching cross-origin resources.
Server-to-server HTTP requests (PHP → UNESCO CDN) bypass these restrictions, so wrapping the fetch in a Laravel controller is the most reliable fix.
Related table
world_heritage_site_images
Overview
Direct browser requests to UNESCO's CDN are blocked by CORS/CORP restrictions in certain environments.
This epic routes all image fetches through our own Laravel backend, eliminating browser-level security constraints entirely.
Sub-issues (all must be closed to consider this done)
routes/api.phpproxyImageinHeritageImageControllerHeritageCarditem.idis correctly passed to the frontendCompletion definition
All five sub-issues are closed and images render without errors in production.
Background
The browser enforces CORS and CORP policies when fetching cross-origin resources.
Server-to-server HTTP requests (PHP → UNESCO CDN) bypass these restrictions, so wrapping the fetch in a Laravel controller is the most reliable fix.
Related table
world_heritage_site_images