How to disable CORS policy


  • Used Zammad version: 5.1.X
  • Used Zammad installation type: docker-compose
  • Operating system: Unix
  • Browser + version: Brave versión 1.39.111 Chromium: 102.0.5005.61 (Build oficial) (64 bits)

Expected behavior:

  • Make a request from my local frontend and receive the correct reply

Actual behavior:

  • When I make a request from my local frontend I receive the following.

    I’m only developing a testing app to learn more about Zammad. Then I’d like to disable this security step.

Steps to reproduce the behavior:

  • In a dev environment with React, try to make a request to the API of your Zammad (in my case, it is in AWS EC2 instance)