All Documents
Current Document

Recommend

Container Engine Virtual Private Cloud Standard Storage Service

Found 0 result in total

Content is empty

If you don't find the content you expect, please try another search term

Documentation

Standard Storage Service (KS3)

View more results
Document title with current keyword not found
Directory
Expand AllFold All Up
No products found with this keyword
Documentation Standard Storage Service (KS3) API Reference CORS-related operations OPTIONS Object

OPTIONS Object

Last updated:2021-09-14 16:18:17

Description

A browser can send a preflight request to KS3 to check whether it can send a CORS request that contains a specified origin, HTTP method, and request headers.

KS3 supports CORS by allowing you to configure CORS rules for your buckets. After you send a preflight request, KS3 checks whether the request matches a specified rule.

If the request does not match any rules, KS3 returns a 403 Forbidden response.

Request

Request syntax

OPTIONS /{ObjectName} HTTP/1.1
Host: {BucketName}.{endpoint}
Origin: {Origin}
Access-Control-Request-Method: {HTTPMethod}
Access-Control-Request-Headers: {RequestHeader}

References:

Request parameters

No request parameter is used.

Request headers

This operation supports all common request headers. For more information, see Public Request Header.

Parameter Description Required
Origin The origin of the CORS request to KS3, such as http://www.example.com.
Type: String
Default value: none		 Yes
Access-Control-Request-Method The HTTP method used for sending the CORS request.
Type: String
Default value: none		 Yes
Access-Control-Request-Headers A list of headers that are sent in the actual CORS request. Headers are separated with commas (,).
Type: String
Default value: none		 No

Request body

No request body is used.

Response

Response headers

This operation supports all common response headers. For more information, see Public Response Header.

Parameter Description
Access-Control-Allow-Origin The origin in the actual request. If the origin is not allowed, KS3 does not include this header in the response.
Type: String
Access-Control-Max-Age The period of time in seconds that the results of the preflight request can be cached.
Type: String
Access-Control-Allow-Methods The HTTP method that was sent in the original request. If the method is not allowed, KS3 does not include this header in the response.
Type: String
Access-Control-Allow-Headers The list of HTTP headers that the browser can send in the actual request. Headers are separated with commas (,). If any of the headers is not allowed, KS3 does not include this header in the response, and the response does not contain any header that contains the Access-Control prefix.
Type: String
Access-Control-Expose-Headers The list of HTTP headers, where headers are separated with commas (,). In response to the actual request, the JavaScript client is allowed to access these headers.
Type: String

Response body

No response body is returned.

Examples

Sample request

OPTIONS /my-image.jpg HTTP/1.1
Host: ks3-example.ks3-cn-beijing.ksyuncs.com
Origin: http://www.example.com
Access-Control-Request-Method: PUT

Sample response

HTTP/1.1 200 OK
Date: Wed, 21 Aug 2012 23:09:55 GMT
Etag: "1f1a1af1f1111111111111c11aed1da1"
Access-Control-Allow-Origin: http://www.example.com
Access-Control-Allow-Methods: PUT
Access-Control-Expose-Headers: x-kss-request-id
Content-Length: 0
Server: Tengine
On this page
Previous:DELETE Bucket CORS
Next:Asynchronous data processing
Pure ModeNormal Mode

Pure Mode

Click to preview the document content in full screen
Feedback