All Documents
Current Document

Content is empty

If you don't find the content you expect, please try another search term

Documentation

GET Bucket CORS

Last updated:2021-09-14 16:18:18

Description

You can call this operation to query the CORS configuration of your bucket.

To call this operation, you must have permission to perform the GetBucketCORS operation. The owner of a bucket has this permission by default and can grant it to others.

Request

Request syntax

GET /?cors HTTP/1.1
Host: {BucketName}.{endpoint}
Date: {date}
Authorization: {SignatureValue}

References:

Request parameters

No request parameter is used.

Request headers

This operation uses only common request headers. For more information, see Public Request Header.

Request body

No request body is used.

Response

Response headers

This operation uses only common response headers. For more information, see Public Response Header.

Response body

Parameter Description Required
CORSConfiguration The container that stores CORS rules. It can store up to 100 CORS rules.
Type: container
Child node: CORSRules
Parent node: none
Yes
CORSRule A collection of origins and methods. You can configure up to 100 rules.
Type: container
Child nodes: AllowedOrigin, AllowedMethod, MaxAgeSeconds, ExposeHeader, and ID
Parent node: CORSConfiguration
Yes
ID The unique identifier of a rule. An ID can contain up to 255 characters. It can help you quickly find a rule.
Type: String
Parent node: CORSRule
Yes
AllowedMethod The HTTP methods allowed for an origin. You must define at least one origin and one method in a CORS rule.
Type: Enumeration (GET, PUT, HEAD, POST, and DELETE)
Parent node: CORSRule
Yes
AllowedOrigin The origins from which CORS requests are allowed. An origin can contain at most one asterisk (*) as the wildcard. You must define at least one origin and one method in a CORS rule. Example: http://*.example.com. If you set the AllowedOrigin parameter to an asterisk (*), requests from all origins are allowed.
Type: String
Parent node: CORSRule
Yes
AllowedHeader Indicates which headers specified by Access-Control-Request-Headers in the OPTIONs preflight request are allowed. Each header specified by Access-Control-Request-Headers must be consistent with the header of the request sent to KS3. You can specify at most one asterisk (*) in the AllowedHeader parameter.
Type: String
Parent node: CORSRule
Yes
MaxAgeSeconds The period of time within which the browser caches the response of KS3 for an OPTIONS preflight request to specified resources. A CORS rule can contain at most one MaxAgeSeconds parameter.
Type: Integer (seconds)
Parent node: CORSRule
Yes
ExposeHeader The response header that you are allowed to access from your applications, such as from a JavaScript XMLHttpRequest object.
Type: String
Parent node: CORSRule
Yes

Operation-specific errors

This operation does not return operation-specific errors.

Examples

Sample request

GET /?cors HTTP/1.1
Host: ks3-example.ks3-cn-beijing.ksyuncs.com
Date: Wed, 24 Dec 2014 03:08:04 GMT
Authorization: authorization string

Sample response

HTTP/1.1 200 OK
Date: Wed, 24 Dec 2014 03:08:04 GMT
Server: Tengine
Content-Type: application/xml
x-kss-request-id: d72a2c2be3ec42aebf5b8c395b6cb8e7

<CORSConfiguration>
<CORSRule>
<AllowedOrigin>http://www.example.com</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<MaxAgeSeconds>3000</MaxAgeSec>
<ExposeHeader>x-kss-server-side-encryption</ExposeHeader>
</CORSRule>
</CORSConfiguration>
On this page
Pure ModeNormal Mode

Pure Mode

Click to preview the document content in full screen
Feedback