CORS error when trying to fetch an asset

Hi!
I’m trying to fetch and download an assets using the API from the client side.

fetch(asset.public_url)
 .then(res => res.blob())
 .then(blob => /* add file blob to files zip, and finally save the zip on drive */ )

As I found out from other posts on the community fetching files by public URL should work fine. However I keep hitting CORS errors:

Access to fetch at ‘https://prod-euc1-files-monday-com.s3.eu-central-1.amazonaws.com/…’ from origin ‘<ID>.us.monday.app’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. If an opaque response serves your needs, set the request’s mode to ‘no-cors’ to fetch the resource with CORS disabled.

I’ve tried with app:

  • tunneled from local,
  • on both draft and live versions,
  • with version deployed to monday code,
  • with version deployed and installed on the account.

Would deploying and installing app from the marketplace have an impact (e.g. different app origin)?

Or am I missing some important step? Is it possible to to fetch those files directly, without any proxy server?