CORS errors when executing remote jobs through API

I have remote execution of a job with parameters enabled and it is able to execute just fine if I curl it from the command line. However, I get a 403 CORS error when I try to execute the job from within one of our apps.
Error:

Access to XMLHttpRequest at 'https://jenkins.foo.com/job/barJob/buildWithParameters' from origin 'https://app.foo.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

I’ve tried installing the CORS filter plugin here: https://plugins.jenkins.io/cors-filter/ and configured it like the following:

Access-Control-Allow-Origins: https://*.foo.com, https://app.foo.com
Access-Control-Allow-Methods: GET, PUT, POST, OPTIONS
Access-Control-Allow-Headers: Content-Type

I’ve also attempted to allow * as a wildcard for Access-Control-Allow-Origins to no avail. Is there anything else I need to do?

that doesn’t look right, it should be Access-Control-Allow-Origin (no s) which is a singular * or a uri, not both.

Thanks for the reply. If you look at the plugin page, that’s how it’s designed.

Screen Shot 2022-04-08 at 12.13.28 PM859×237 39.9 KB

cool then that plugin is broken, and needs to be fixed, at least an issue needs to be reported via issue tracker.

You could put a web server infront of jenkins where you can set your own headers, or patch the plugin.

@halkeye can you please provide more info on web server infront. I need to trigger jenkins API through an angular application locally, but getting a cors error. As the cors filter plugin is broken there is another way to do it please tell me.