Architecture
CORS headers
The player fetches segments viafetch() from a different origin than your app. The CDN must return CORS headers.
CloudFront
Create a response headers policy:/content/*).
Cloudflare
Add a Transform Rule or Worker to set CORS headers:Cache policy
CloudFront cache policy
Create a cache policy for segments:MinTTL: 0 and forward the Cache-Control header from the origin.
S3 metadata
Set cache headers when uploading segments:S3 as origin
CloudFront + S3
- Create an S3 bucket (private, no public access)
- Create a CloudFront distribution with the S3 bucket as origin
- Use Origin Access Control (OAC) to let CloudFront read from S3 without making the bucket public
- Set the origin path to match your upload prefix (e.g.,
/content)
Cloudflare + R2
R2 buckets can be connected as custom domains in Cloudflare:- Create an R2 bucket
- Connect a custom domain (e.g.,
cdn.example.com) - R2 serves objects directly with Cloudflare’s CDN