Thank you for your answer. I have configured the CORS headers on my reverse proxy (nginx) and it works well now.
Good morning from US Northeastern region.
As you can see above, the user hexth has broken link to his avatar. Upon inspection, I found out that the account is registered via Twitter SSO. And upon a bit deeper inspection, it seems like he changed his avatar on Twitter.
My question here is: how to make sure the user avatar doesn't go blank like that, if the user registered his/her account via Twitter SSO?
Admin > Location & APIs > SSO > Twitter > Add new api token.
(User menu > Settings > API > generate SSO.