OPTIONS Bucket
Functions
OPTIONS refers to pre-requests that are sent to servers by clients. Generally, the requests are used to check whether clients have permissions to perform operations on servers. Only after a pre-request is returned successfully, clients start to execute the follow-up requests.
OBS allows static web resources to be stored in buckets with appropriate configurations. In this scenario, buckets in the OBS serve as servers to process OPTIONS pre-requests from clients.
OBS can process OPTIONS pre-requests only after CORS is configured for buckets in OBS. For details about CORS, see Configuring Bucket CORS.
Differences Between OPTIONS Bucket and OPTIONS Object
With the OPTIONS Object, you need to specify an object name in the URL, but an object name is not required with the OPTIONS Bucket, which uses the bucket domain name as the URL. The request lines of the two methods are as follows:
OPTIONS /object HTTP/1.1
OPTIONS / HTTP/1.1
Request Syntax
1 2 3 4 5 6 |
OPTIONS / HTTP/1.1 Host: bucketname.obs.region.myhuaweicloud.eu Date: date Authorization: authorization Origin: origin Access-Control-Request-Method: method |
Request Parameters
This request contains no message parameters.
Request Headers
This request uses the headers described in Table 1.
Header |
Description |
Mandatory |
---|---|---|
Origin |
Origin of the cross-domain request specified by the pre-request. Generally, it is a domain name set in CORS. Type: string |
Yes |
Access-Control-Request-Method |
An HTTP method that can be used by a request. The request can use multiple method headers. Type: string Value options: GET, PUT, HEAD, POST, DELETE |
Yes |
Access-Control-Request-Headers |
HTTP headers of a request. The request can use multiple HTTP headers. Type: string |
No |
Request Elements
This request involves no elements.
Response Syntax
1 2 3 4 5 6 7 8 9 |
HTTP/1.1 status_code Content-Type: application/xml Access-Control-Allow-Origin: origin Access-Control-Allow-Methods: method Access-Control-Allow-Header: header Access-Control-Max-Age: time Access-Control-Expose-Headers: header Date: date Content-Length: length |
Response Headers
The response uses the following headers as described in Table 2.
Header |
Description |
---|---|
Access-Control-Allow-Origin |
If the origin of a request meets server CORS configuration requirements, the response contains the origin. Type: string |
Access-Control-Allow-Headers |
If the headers of a request meet server CORS configuration requirements, the response contains the headers. Type: string |
Access-Control-Max-Age |
Value of MaxAgeSeconds in the CORS configuration of a server Type: integer |
Access-Control-Allow-Methods |
If the Access-Control-Request-Method of a request meets server CORS configuration requirements, the response contains the methods in the rule. Type: string Value options: GET, PUT, HEAD, POST, DELETE |
Access-Control-Expose-Headers |
Value of ExposeHeader in the CORS configuration of a server Type: string |
Response Elements
This response contains no elements.
Error Responses
Table 3 describes possible special errors in the request.
Error Code |
Description |
HTTP Status Code |
---|---|---|
Bad Request |
Invalid Access-Control-Request-Method: null When CORS and OPTIONS are configured for a bucket, no method header is added. |
400 BadRequest |
Bad Request |
Insufficient information. Origin request header needed. When CORS and OPTIONS are configured for a bucket, no origin header is added. |
400 BadRequest |
AccessForbidden |
CORSResponse: This CORS request is not allowed. This is usually because the evaluation of Origin, request method / Access-Control-Request-Method or Access-Control-Request-Headers are not whitelisted by the resource's CORS specification. When CORS and OPTIONS are configured for a bucket, origin, method, and headers do not match any rule. |
403 Forbidden |
For other errors, see Table 2.
Sample Request
1 2 3 4 5 6 7 8 |
OPTIONS / HTTP/1.1 User-Agent: curl/7.29.0 Host: examplebucket.obs.region.myhuaweicloud.eu Accept: */* Date: WED, 01 Jul 2015 04:02:15 GMT Authorization: OBS H4IPJX0TQTHTHEBQQCEC:7RqP1vjemo6U+Adv9/Y6eGzWrzA= Origin: www.example.com Access-Control-Request-Method: PUT |
Sample Response
1 2 3 4 5 6 7 8 9 10 11 |
HTTP/1.1 200 OK Server: OBS x-obs-request-id: BF260000016436314E8FF936946DBC9C Access-Control-Allow-Origin: www.example.com Access-Control-Allow-Methods: POST,GET,HEAD,PUT,DELETE Access-Control-Max-Age: 100 Access-Control-Expose-Headers: ExposeHeader_1,ExposeHeader_2 Access-Control-Allow-Credentials: true x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCTlYimJvOyJncCLNm5y/iz6MAGLNxTuS Date: WED, 01 Jul 2015 04:02:15 GMT Content-Length: 0 |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.