Panel Plugin assets ignoring CORS rules

Hi together,
I had an panel plugin developed for a Kirby project, now the problem is that the cross origin rules you can define in the config.php like this for example:
header("Access-Control-Allow-Origin: *");
doesn’t affect the assets that were uploaded through the plugin. The plugin uses the /assets folder to store the media, and not the /media folder like regular Kirby content.
Is there any way to add the cross origin rules to the assets references in the /assets folder as well?
Thank you

Not sure I understand the issue. What is your expected behavior vs the experienced behavior?

Files in the assets folder are generally directly served by the webserver. That means they don’t go through php (and therefore kirby).
Therefore PHP and Kirby don’t get any chance to set any headers for those requests. Therefore you need to configure the webserver (like apache), and not PHP, to send them instead.

If that webserver is apache, you would probably want to configure it via an .htaccess file, maybe one that you directly put into the assets folder (so that it applies only there).

If you’re using apache, check if your hosting has the “mod_headers” module loaded (normally yes, more often than not), then create an .htaccess file in your assets folder with something like this:

<FilesMatch "\.(js|css)$">
    Header set Access-Control-Allow-Origin "*"

Also change the regex in the FilesMatch thingy to match the file extensions you want the server to send the header on.