Set a CORS Rule on Specified Bucket
Last Updated:2021-09-13
Interface Description
This interface is used to set a cross-origin resource sharing (CORS) rule in the specified bucket. If the original rule exists, it overwrites the original rule.
Permission description Only the bucket owner and the user with the FULL_CONTROL permission can set the CORS of the bucket. If users have no permission, it returns “403 Forbidden: AccessDenied”.
Considerations
- The CORS permission of the bucket is set as “Cross-origin Not Allowed” through this interface before the setting of CORS rules.
- One rule file is allowed for each bucket at most. Therefore, the uploaded rule file overwrites the original one.
- The file size of CORS rules is limited to 20KB. Therefore, if the file size exceeds 20KB during the request, it returns “400 Bad Request: EntityTooLarge”. EntityTooLarge)。
Request URI
PUT /v1/{bucketName}/?cors
| Parameter Name | Parameter Type | Required | Description | Example Value | Parameter Position |
|---|---|---|---|---|---|
| bucketName | String | Yes | Bucket name | "bucketName_example" | Path |
Request Body Parameters
Instructions for Data Structure of Request Body Field
| Parameter name | Parameter Type | Required | Description | Example Value |
|---|---|---|---|---|
| corsConfiguration | List |
Yes | CORS rules container of the bucket. Each bucket can possess up to 100 rules. If there are multiple configurations, they are executed from top to bottom. |
Data Structure Description of CorsConfiguration Field
| Parameter Name | Parameter Type | Required | Description | Example Value |
|---|---|---|---|---|
| allowedOrigins | List |
Yes | Container for storing the origin of the cross-origin requests allowed | |
| allowedMethods | List |
Yes | Container for storing the cross-origin request method allowed | |
| allowedHeaders | List |
Yes | Container for storing the allowedHeaders It controls whether the header specified in Access-Control-Request-Headers in the OPTIONS prefetch instruction is allowed. | |
| allowedExposeHeaders | List |
No | Container for storing the response headers that are allowed to access from the application by users | |
| maxAgeSeconds | Integer | No | Specify the time for the browser to cache the prefetch request return results (OPTIONS) of specific resources. The requester does not need to send duplicate preflight requests within the cache time expressed in seconds. Type:Int64. | 1800 |
Response Body Parameters
Instructions for Data Structure of Response Body Field
Request Example
PUT /v1/bucketName_example/?cors
Common Request Header
{
"corsConfiguration" : [ {
"allowedExposeHeaders" : [ "user-custom-expose-header" ],
"allowedOrigins" : [ "http://www.example.com" ],
"allowedHeaders" : [ "Authorization" ],
"allowedMethods" : [ "GET" ],
"maxAgeSeconds" : 1800
} ]
}Response Example
HTTP/1.1 200 OK
<Common response header>
{ }Error Code
Refer to the universal error code.