GET Bucket CORS
Last updated:2021-09-14 16:18:18
Description
You can call this operation to query the CORS configuration of your bucket.
To call this operation, you must have permission to perform the GetBucketCORS operation. The owner of a bucket has this permission by default and can grant it to others.
Request
Request syntax
GET /?cors HTTP/1.1
Host: {BucketName}.{endpoint}
Date: {date}
Authorization: {SignatureValue}
References:
Request parameters
No request parameter is used.
Request headers
This operation uses only common request headers. For more information, see Public Request Header.
Request body
No request body is used.
Response
Response headers
This operation uses only common response headers. For more information, see Public Response Header.
Response body
| Parameter | Description | Required |
|---|---|---|
| CORSConfiguration | The container that stores CORS rules. It can store up to 100 CORS rules. Type: container Child node: CORSRules Parent node: none |
Yes |
| CORSRule | A collection of origins and methods. You can configure up to 100 rules. Type: container Child nodes: AllowedOrigin, AllowedMethod, MaxAgeSeconds, ExposeHeader, and ID Parent node: CORSConfiguration |
Yes |
| ID | The unique identifier of a rule. An ID can contain up to 255 characters. It can help you quickly find a rule. Type: String Parent node: CORSRule |
Yes |
| AllowedMethod | The HTTP methods allowed for an origin. You must define at least one origin and one method in a CORS rule.Type: Enumeration (GET, PUT, HEAD, POST, and DELETE) Parent node: CORSRule |
Yes |
| AllowedOrigin | The origins from which CORS requests are allowed. An origin can contain at most one asterisk (*) as the wildcard. You must define at least one origin and one method in a CORS rule. Example: http://*.example.com. If you set the AllowedOrigin parameter to an asterisk (*), requests from all origins are allowed.Type: String Parent node: CORSRule |
Yes |
| AllowedHeader | Indicates which headers specified by Access-Control-Request-Headers in the OPTIONs preflight request are allowed. Each header specified by Access-Control-Request-Headers must be consistent with the header of the request sent to KS3. You can specify at most one asterisk (*) in the AllowedHeader parameter.Type: String Parent node: CORSRule |
Yes |
| MaxAgeSeconds | The period of time within which the browser caches the response of KS3 for an OPTIONS preflight request to specified resources. A CORS rule can contain at most one MaxAgeSeconds parameter.Type: Integer (seconds) Parent node: CORSRule |
Yes |
| ExposeHeader | The response header that you are allowed to access from your applications, such as from a JavaScript XMLHttpRequest object.Type: String Parent node: CORSRule |
Yes |
Operation-specific errors
This operation does not return operation-specific errors.
Examples
Sample request
GET /?cors HTTP/1.1
Host: ks3-example.ks3-cn-beijing.ksyuncs.com
Date: Wed, 24 Dec 2014 03:08:04 GMT
Authorization: authorization string
Sample response
HTTP/1.1 200 OK
Date: Wed, 24 Dec 2014 03:08:04 GMT
Server: Tengine
Content-Type: application/xml
x-kss-request-id: d72a2c2be3ec42aebf5b8c395b6cb8e7
<CORSConfiguration>
<CORSRule>
<AllowedOrigin>http://www.example.com</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<MaxAgeSeconds>3000</MaxAgeSec>
<ExposeHeader>x-kss-server-side-encryption</ExposeHeader>
</CORSRule>
</CORSConfiguration>
Did you find the above information helpful?
Unhelpful
Mostly Unhelpful
A little helpful
Helpful
Very helpful
What might be the problems?
Insufficient
Outdated
Unclear or awkward
Redundant or clumsy
Lack of context for the complex system or functionality
More suggestions
0/200
Please give us your feedback.
Submitted
Thank you for your feedback.