I just attempted to set up php-remote-storage with Apache on a fresh Ubuntu 20.04 VM. In the process, I verified (to no surprise) that CORS headers are indeed missing for 304 responses.

Unfortunately, there’s no backport for the official apache2 apt package for newer Apache versions. However, there is a decent PPA, which contains the latest Apache stable release. But that’s actually still 2.4.46, so I’ll wait until 2.4.47 lands there and try again.

I have notes for an install from scratch now, incl. setting up a Let’s Encrypt certificate, and it’ll be really simple for anyone using Apache on Ubuntu, as soon as there’s a package available for the fix.