Help Center> Object Storage Service> SDK Reference> BrowserJS> Initialization> Configuring CORS for a Bucket

View PDF

Configuring CORS for a Bucket

If you have any questions during development, post them on the Issues page of GitHub. For details about parameters and usage of each API, see the API Reference.

OBS provides distributed storage service over HTTP/HTTPS, and stores data in buckets. However, browsers do not allow the cross-origin AJAX requests by default. For this reason, configure CORS before using the OBS BrowserJS SDK to access buckets. You can configure CORS on OBS Console, on OBS Browser, or using other OBS SDKs (excluding the OBS BrowserJS SDK). The following configuration is recommended for the CORS rule.

Parameter	Value	Description
Allowed Origin	*	Allows all request origins. NOTE: You can also configure a domain name or IP address.
Allowed Method	PUT, GET, POST, DELETE, HEAD	Allows all HTTP methods.
Allowed Header	*	Allows requests to carry any headers.
Expose Header	ETag x-obs-request-id x-obs-api Content-Type Content-Length Cache-Control Content-Disposition Content-Encoding Content-Language Expires x-obs-id-2 x-reserved-indicator x-obs-version-id x-obs-copy-source-version-id x-obs-storage-class x-obs-delete-marker x-obs-expiration x-obs-website-redirect-location x-obs-restore x-obs-version x-obs-object-type x-obs-next-append-position	Allows the response to return the specified additional headers.

Configuring CORS on OBS Console

Log in to OBS Console. In the bucket list, click the target bucket to go to the Summary page.
Click CORS Rules under Basic Configurations. The CORS Rules page is displayed. See the following figure.
Click Create. The Create CORS Rule dialog box is displayed. Set the parameters according to the preceding table. See the following figure.
Click OK. On the CORS Rules page, view the configured rule.

The CORS configuration of a bucket takes effect in two minutes. You can access the bucket using the OBS BrowserJS SDK only after the configuration takes effect.

Configuring CORS Using the OBS Java SDK

You can call ObsClient.setBucketCors of the OBS Java SDK to configure the CORS rule for a bucket. The sample code is as follows:

String endPoint = "https://your-endpoint";
String ak = "*** Provide your Access Key ***";
String sk = "*** Provide your Secret Key ***";
// Create an instance of ObsClient.
ObsClient obsClient = new ObsClient(ak, sk, endPoint);

BucketCors cors = new BucketCors();

List<BucketCorsRule> rules = new ArrayList<BucketCorsRule>();
BucketCorsRule rule = new BucketCorsRule();

// Specify the origin of the cross-origin request.
ArrayList<String> allowedOrigin = new ArrayList<String>();
allowedOrigin.add( "*");  
rule.setAllowedOrigin(allowedOrigin);

// Specify the methods of the cross-origin request.
ArrayList<String> allowedMethod = new ArrayList<String>();
allowedMethod.add("GET");  
allowedMethod.add("POST");
allowedMethod.add("PUT");
allowedMethod.add("DELETE");
allowedMethod.add("HEAD");
rule.setAllowedMethod(allowedMethod);

// Specify the headers of the cross-origin request.
ArrayList<String> allowedHeader = new ArrayList<String>();
allowedHeader.add("*"); 
rule.setAllowedHeader(allowedHeader);

// Specify the additional headers in the response to the cross-origin request.
ArrayList<String> exposeHeader = new ArrayList<String>();
exposeHeader.add("ETag");
exposeHeader.add("Content-Type");
exposeHeader.add("Content-Length");
exposeHeader.add("Cache-Control");
exposeHeader.add("Content-Disposition");
exposeHeader.add("Content-Encoding");
exposeHeader.add("Content-Language");
exposeHeader.add("Expires");
exposeHeader.add("x-obs-request-id");
exposeHeader.add("x-obs-id-2");
exposeHeader.add("x-reserved-indicator");
exposeHeader.add("x-obs-api");
exposeHeader.add("x-obs-version-id");
exposeHeader.add("x-obs-copy-source-version-id");
exposeHeader.add("x-obs-storage-class");
exposeHeader.add("x-obs-delete-marker");
exposeHeader.add("x-obs-expiration");
exposeHeader.add("x-obs-website-redirect-location");
exposeHeader.add("x-obs-restore");
exposeHeader.add("x-obs-version");
exposeHeader.add("x-obs-object-type");
exposeHeader.add("x-obs-next-append-position");
rule.setExposeHeader(exposeHeader);

rule.setMaxAgeSecond(100);
rules.add(rule);
cors.setRules(rules);

try
{
    obsClient.setBucketCors("bucketname", cors);
catch (ObsException e)
{
    System.out.println("HTTP Code: " + e.getResponseCode());
    System.out.println("Error Code:" + e.getErrorCode());
    System.out.println("Error Message: " + e.getErrorMessage());
    
    System.out.println("Request ID:" + e.getErrorRequestId());
    System.out.println("Host ID:" + e.getErrorHostId());
}

Configure CORS Using OBS Python SDK

You can call ObsClient.setBucketCors of the OBS Python SDK to configure the CORS of a bucket. The sample code is as follows:

# Import the module.
from obs import ObsClient
 
# Create an instance of ObsClient.
obsClient = ObsClient(
    access_key_id='*** Provide your Access Key ***',    
    secret_access_key='*** Provide your Secret Key ***',    
    server='https://your-endpoint'
)

from obs import CorsRule

# Specify the origin of the cross-origin request.
allowedOrigin = ['*']
# Specify the methods of the cross-origin request.
allowedMethod = ['PUT', 'POST', 'GET', 'DELETE', 'HEAD']
# Specify the headers of the cross-origin request.
allowedHeader = ['*']

# Specify the additional headers in the response to the cross-origin request.
exposeHeader = ['ETag', 'Content-Type', 'Content-Length', 'Cache-Control', 'Content-Disposition', 'Content-Encoding', 'Content-Language', 'Expires', 'x-obs-request-id', 'x-obs-id-2', 'x-reserved-indicator', 'x-obs-api', 'x-obs-version-id', 'x-obs-copy-source-version-id', 'x-obs-storage-class', 'x-obs-delete-marker', 'x-obs-expiration', 'x-obs-website-redirect-location', 'x-obs-restore', 'x-obs-version', 'x-obs-object-type', 'x-obs-next-append-position']

maxAgeSecond = 100
cors = CorsRule(id='rule1', allowedMethod=allowedMethod,                 
                 allowedOrigin=allowedOrigin, allowedHeader=allowedHeader,                 
                 maxAgeSecond=maxAgeSecond, exposeHeader=exposeHeader)

resp = obsClient.setBucketCors('bucketname', corsList=[cors])
if resp.status < 300:    
    print('requestId:', resp.requestId)
else:    
    print('errorCode:', resp.errorCode)    
    print('errorMessage:', resp.errorMessage)

Except the OBS BrowserJS SDK, all OBS SDKs support the CORS configuration of buckets.
You can also configure the bucket CORS by referring to Configuring CORS on OBS Console, Configuring CORS on OBS Browser, and section "Configuring CORS" under "CORS" in the developer guide of each SDK language.

Parent topic: Initialization

Last Article: Initialization

Next Article: Configuring the AK and SK

Did this article solve your problem?

Thank you for your score！Your feedback would help us improve the website.

Products

Compute

Application

Dedicated Cloud

Storage

Management & Deployment

Migration

Network

Enterprise Intelligence

Video

Database

Edge Cloud Services

DevCloud

Security

Cloud Communications

Internet of Things

Solutions

Industry-Specific Solutions

General-Purpose Solutions

Security

DevOps

Enterprise Intelligence

Essential Platform

Big Data

Visual Cognition

Speech and Semantics

Support

Help Center

Customer Services

Developers

Console

语言 - Language

中国站 - 简体中文

中国站 - English

International - 简体中文

International - English

Help Center

Configuring CORS for a Bucket

Configuring CORS on OBS Console

Configuring CORS Using the OBS Java SDK

Configure CORS Using OBS Python SDK