Configure CORS

Cross-origin resource sharing (CORS) is a standard cross-origin solution provided by HTML5. CORS allows web applications to access resources across origins. You can control the cross-origin access permissions by using the API operations provided by KS3, to develop flexible web applications.

Configuration

To configure CORS parameters, go to the details page of a bucket and click Bucket Settings and CORS Configuration in sequence.

Parameter description:

• Allow Origin

  The origin from which you want to allow cross-origin requests. Multiple domain names must be separated with commas (,).

• Method

  The allowed cross-origin request methods, including GET, POST, DELETE, PUT, and HEAD.

• Allow Header

  The allowed cross-origin request headers. Multiple headers must be separated with commas (,).

• Exposed Header

  The response headers that you are allowed to access from applications.

• Cache Time

  The period of time within which the browser caches the response for an OPTIONS preflight request for specific resources.

Note: KS3 matches cross-origin requests against CORS rules in the corresponding buckets, and checks against the permissions set by the rules. Rules are matched one by one. KS3 allows the requests and returns the corresponding headers based on the rules. For more information about CROS-related operations, see Configure CORS.