server/controllers/assets/utils/serveFile.js

@@ -8,6 +8,8 @@ const serveFile = ({ filePath, fileType }, res) => {
     headers: {
       'X-Content-Type-Options'      : 'nosniff',
       'Content-Type'                : fileType,
+      'Access-Control-Allow-Origin' : '*',
+      'Access-Control-Allow-Headers': 'Origin, X-Requested-With, Content-Type, Accept',
     },
   };
   logger.debug(`fileOptions for ${filePath}:`, sendFileOptions);