阿里云OSS图片访问出现跨域：Access to image at from origin has been blocked by CORS policy

<!-- 使用img标签没有问题-->
<img src="url">
<script>
// 使用js Image 对象报错
let image = new Image()
image.setAttribute('crossOrigin', 'Anonymous')
image.src = url
</script>

Access to image at xxx
from origin xxx
has been blocked by CORS policy: 
No 'Access-Control-Allow-Origin' header is present on the requested resource.

来源： *
允许 Methods: GET POST PUT DELETE HEAD
允许 Headers：*
暴露 Headers：ETag、 x-oss-request-id、x-oss-version-id
缓存时间（秒）：0

// 简单上传
result = await client.put(filename, file, {
   meta: {
     'Cache-Control': 'no-cache',
   },
 })