Obtaining the CORS Configuration of a Bucket
Functions
You can perform this operation to obtain CORS configuration information about a specified bucket.
To perform this operation, you must have the GetBucketCORS permission. By default, only the bucket owner can perform this operation. The bucket owner can grant the permission to other users by configuring the bucket policy or user policy.
Authorization Information
To call this API, you must be the bucket owner or have the permission to obtain the CORS configuration of a bucket. You are advised to use IAM or bucket policies for authorization. For details about OBS authorization methods, see Differences Between OBS Permissions Control Methods.
- If you use IAM for authorization, you need to use either role/policy-based authorization or identity policy-based authorization and configure the required permissions:
- If you use role/policy-based authorization (IAM v3 APIs in the old IAM version), you need to grant the obs:bucket:GetBucketCORS permission. For details, see Creating a Custom IAM Policy.
- If you use identity policy-based authorization (IAM v5 APIs in the new IAM version), you need to grant the obs:bucket:getBucketCORS permission, as shown in the following table. For details, see Creating a Custom IAM Identity Policy.
Action
Access Level
Resource Type (*: Required)
Dependencies
obs:bucket:getBucketCORS
Read
bucket *
-
-
-
- obs:EpochTime
- obs:SourceIp
- obs:TlsVersion
- obs:CustomDomain
- If you use bucket policies for authorization, you need to grant the obs:bucket:GetBucketCORS permission. For details, see Creating a Custom Bucket Policy.
Request Syntax
1 2 3 4 |
GET /?cors HTTP/1.1 Host: bucketname.obs.region.myhuaweicloud.com Date: date Authorization: authorization |
Request Parameters
This request contains no message parameters.
Request Headers
This request uses common headers. For details, see Table 3.
Request Elements
This request involves no elements.
Response Syntax
1 2 3 4 5 6 7 8 9 10 11 |
HTTP/1.1 status_code Content-Type: application/xml Date: date Content-Length: length <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <CORSConfiguration xmlns="http://obs.region.myhuaweicloud.com/doc/2015-06-30/"> <CORSRule> ... </CORSRule> </CORSConfiguration> |
Response Headers
The response to the request uses common headers. For details, see Table 1.
Response Elements
This response contains elements to detail the configuration. Table 1 describes the elements.
|
Element |
Description |
|---|---|
|
CORSConfiguration |
Root node of CORSRules and its capacity cannot exceed 64 KB. Type: container Parent: none |
|
CORSRule |
CORS rule. CORSConfiguration can contain a maximum of 100 rules. Type: container Parent: CORSConfiguration |
|
ID |
Unique identifier of a rule. The value can contain a maximum of 255 characters. Type: string Parent: CORSRule |
|
AllowedMethod |
Method allowed by a CORS rule. Type: string Value options: GET, PUT, HEAD, POST, DELETE Parent: CORSRule |
|
AllowedOrigin |
The origin (domain name) that is allowed by a CORS rule. The value is a string of 0 to 20480 characters. It allows at most one wildcard character (*). Type: string Parent: CORSRule |
|
AllowedHeader |
Headers that can be carried in Access-Control-Request-Headers of CORS requests. The value contains 0 to 20480 characters. If a request contains Access-Control-Request- Headers, only a CORS request that matches the configuration of AllowedHeader is considered as a valid request. Each AllowedHeader can contain at most one wildcard (*) and cannot contain spaces. Type: string Parent: CORSRule |
|
MaxAgeSeconds |
Response time of CORS that can be cached by a client. It is expressed in seconds. Each CORS rule can contain at most one MaxAgeSeconds. Type: integer Parent: CORSRule |
|
ExposeHeader |
Indicates a supplemented header in CORS responses. The header provides additional information for clients. It cannot contain spaces. Type: string Parent: CORSRule |
Error Responses
Table 2 describes possible special errors in this request.
|
Error Code |
Description |
HTTP Status Code |
|---|---|---|
|
NoSuchCORSConfiguration |
Indicates that the CORS configuration of buckets does not exist. |
404 Not Found |
For other errors, see Table 2.
Sample Request
1 2 3 4 5 6 |
GET /?cors HTTP/1.1 User-Agent: curl/7.29.0 Host: examplebucket.obs.region.myhuaweicloud.com Accept: */* Date: WED, 01 Jul 2015 03:54:36 GMT Authorization: OBS H4IPJX0TQTHTHEBQQCEC:WJGghTrPQQXRuCx5go1fHyE+Wwg= |
Sample Response
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 |
HTTP/1.1 200 OK Server: OBS x-obs-request-id: BF2600000164363593F10738B80CACBE x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSpngvwC5TskcLGh7Fz5KRmCFIayuY8p Content-Type: application/xml Date: WED, 01 Jul 2015 03:54:36 GMT Content-Length: 825 <?xml version="1.0" encoding="utf-8"?> <CORSConfiguration xmlns="http://obs.region.myhuaweicloud.com/doc/2015-06-30/"> <CORSRule> <ID>783fc6652cf246c096ea836694f71855</ID> <AllowedMethod>POST</AllowedMethod> <AllowedMethod>GET</AllowedMethod> <AllowedMethod>HEAD</AllowedMethod> <AllowedMethod>PUT</AllowedMethod> <AllowedMethod>DELETE</AllowedMethod> <AllowedOrigin>obs.ap-southeast-1.myhuaweicloud.com</AllowedOrigin> <AllowedOrigin>obs.example.com</AllowedOrigin> <AllowedOrigin>www.example.com</AllowedOrigin> <AllowedHeader>AllowedHeader_1</AllowedHeader> <AllowedHeader>AllowedHeader_2</AllowedHeader> <MaxAgeSeconds>100</MaxAgeSeconds> <ExposeHeader>ExposeHeader_1</ExposeHeader> <ExposeHeader>ExposeHeader_2</ExposeHeader> </CORSRule> </CORSConfiguration> |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
