Using your own server as a music source in WAV3R (CORS setup)
WAV3R can load music from your own server (for example a VPS, NAS, or web hosting).
Because browsers protect users with CORS security rules, your server must allow WAV3R to access it.
Follow the steps below depending on what you use.
1. Your server must use HTTPS
WAV3R only works with secure servers.
✔ Supportedhttps://music.yourdomain.com
❌ Not supportedhttp://music.yourdomain.com
2. Allow WAV3R in your server’s CORS settings
Your server must send this HTTP header on music files and JSON:Access-Control-Allow-Origin: https://www.wav3r.com
If this header is missing or wrong, the browser will block the music.
Example configurations
Nginx
Add this inside your server or location block:add_header Access-Control-Allow-Origin "https://www.wav3r.com" always; add_header Vary "Origin" always;
Apache (.htaccess)Header always set Access-Control-Allow-Origin "https://www.wav3r.com"
Cloudflare
Rules → Transform Rules → Response Header
Add:
Header name: Access-Control-Allow-Origin
Value: https://www.wav3r.com
3. Use the final (non-redirecting) URL
If your server redirects, WAV3R may not be able to load it.
✔ Usehttps://www.music.yourdomain.com/library.json
❌ Avoidhttps://music.yourdomain.com → redirects to www.music.yourdomain.com
Tip: Open the file directly in your browser — if it redirects, fix the URL.
4. JSON and text files must also allow CORS
Your server must allow WAV3R to read:.json.txt
directory listings (if used)
Some servers only allow CORS for images or audio — that is not enough.
5. If you use a Service Worker or “offline mode”
If your site uses a Service Worker:
It must not block cross-origin requests
Or it must forward them normally to the network
If you don’t know what this means, disable offline caching for your server.
Browser notes:
Chrome / Firefox
Works immediately if CORS is set correctly
If it fails: clear site data for wav3r.com and reload
Safari (macOS / iOS)
Much stricter CORS rules
Make sure:
HTTPS is valid
No redirects
No self-signed certificates
Quick test:
Paste your music file URL into the browser:https://your-server.com/music/library.json
Then open DevTools → Network → Headers and confirm you see:Access-Control-Allow-Origin: https://www.wav3r.com
If you don’t see it, WAV3R cannot load your server.
Common mistakes:
Using http:// instead of https://
Missing www or wrong subdomain
Server redirects before returning headers
Allowing * instead of https://www.wav3r.com
CORS enabled only for images/audio, not JSON
Summary (TL;DR)
To use your own server with WAV3R:
✔ HTTPS
✔ No redirects
✔ Access-Control-Allow-Origin: https://www.wav3r.com
✔ JSON & text files allowed
✔ No blocking Service Workers
If those are true, WAV3R will load your music.