Add CORP header to ZeroTrust Domain

Hi guys, I'm having two sites

a.example.com

a.example.com

and

b.example.com

b.example.com

, both of them are place under ZeroTrust. Currently page

cannot access asset from page

because it failed to check for

CORP

CORP

request. The

.cloudflareaccess.com

.cloudflareaccess.com

domain does not return

Cross-Origin-Resource-Policy=cross-origin

Cross-Origin-Resource-Policy=cross-origin

header. Now I have to manually go to page

to let cf access authorize then go back to page

. Is there any setting I can apply to mitigate this issue? I've tried setting

CORS

CORS

but nothing changed