Configuring CORS for a Bucket (SDK for Python)
Function
Cross-origin resource sharing (CORS) is a mechanism defined by the World Wide Web Consortium (W3C) that allows a web application program in one domain to access resources located in another one. For general web page requests, website scripts and contents in one domain cannot interact with those in another because of Same Origin Policies (SOPs). OBS supports CORS rules that allow the resources in OBS to be requested by other domains.
This API configures CORS for a bucket.
Restrictions
- To configure CORS for a bucket, you must be the bucket owner or have the required permission (obs:bucket:PutBucketCORS in IAM or PutBucketCORS in a bucket policy). For details, see Introduction to OBS Access Control, IAM Custom Policies, and Creating a Custom Bucket Policy.
- The mapping between OBS regions and endpoints must comply with what is listed in Regions and Endpoints.
Method
ObsClient.setBucketCors(bucketName, corsRuleList)
Request Parameters
|
Parameter |
Type |
Mandatory (Yes/No) |
Description |
|---|---|---|---|
|
bucketName |
str |
Yes |
Explanation: Bucket name Restrictions:
Default value: None |
|
corsRuleList |
list of CorsRule |
Yes |
Explanation: CORS rule list of the bucket. For details, see Table 1. Restrictions: A list can have a maximum of 100 CORS rules. Default value: None |
|
Parameter |
Type |
Mandatory (Yes/No) |
Description |
|---|---|---|---|
|
id |
str |
No if used as a request parameter |
Explanation: CORS rule ID Value range: The value must contain 1 to 255 characters. Default value: None |
|
allowedMethod |
list of str |
Yes if used as a request parameter |
Explanation: The allowed HTTP methods (types of operations on buckets and objects) for a cross-origin request. Value range: The following HTTP methods are supported:
Default value: None |
|
allowedOrigin |
list of str |
Yes if used as a request parameter |
Explanation: The origin from which the requests can access the bucket. Restrictions: Domain name of the origin. Each origin can contain only one wildcard character (*), for example, https://*.vbs.example.com. Default value: None |
|
allowedHeader |
list of str |
No if used as a request parameter |
Explanation: The allowed headers for cross-origin requests. Only CORS requests matching the allowed headers are valid. Restrictions: Each header can contain at most one wildcard character (*). Spaces, ampersands (&), colons (:), less-than signs (<), and full-width characters are not allowed. Default value: None |
|
maxAgeSecond |
int or str |
No if used as a request parameter |
Explanation: Time your client can cache the response for a cross-origin request Restrictions: Each CORS rule can contain at most one maxAgeSecond. Value range: An integer greater than or equal to 0, in seconds Default value: 100 |
|
exposeHeader |
list of str |
No if used as a request parameter |
Explanation: The CORS-allowed additional headers in the response. These headers provide additional information to clients. By default, your browser can only access headers Content-Length and Content-Type. If your browser needs to access other headers, add them to a list of the allowed additional headers. Restrictions: Spaces, wildcard characters (*), ampersands (&), colons (:), and less-than signs (<) are not allowed. Default value: None |
Responses
|
Type |
Description |
|---|---|
|
Explanation: SDK common results |
|
Parameter |
Type |
Description |
|---|---|---|
|
status |
int |
Explanation: HTTP status code Value range: A status code is a group of digits ranging from 2xx (indicating successes) to 4xx or 5xx (indicating errors). It indicates the status of a response. For more information, see Status Code. Default value: None |
|
reason |
str |
Explanation: Reason description. Default value: None |
|
errorCode |
str |
Explanation: Error code returned by the OBS server. If the value of status is less than 300, this parameter is left blank. Default value: None |
|
errorMessage |
str |
Explanation: Error message returned by the OBS server. If the value of status is less than 300, this parameter is left blank. Default value: None |
|
requestId |
str |
Explanation: Request ID returned by the OBS server Default value: None |
|
indicator |
str |
Explanation: Error indicator returned by the OBS server. Default value: None |
|
hostId |
str |
Explanation: Requested server ID. If the value of status is less than 300, this parameter is left blank. Default value: None |
|
resource |
str |
Explanation: Error source (a bucket or an object). If the value of status is less than 300, this parameter is left blank. Default value: None |
|
header |
list |
Explanation: Response header list, composed of tuples. Each tuple consists of two elements, respectively corresponding to the key and value of a response header. Default value: None |
|
body |
object |
Explanation: Result content returned after the operation is successful. If the value of status is larger than 300, this parameter is left blank. The value varies with the API being called. For details, see Bucket-Related APIs (SDK for Python) and Object-Related APIs (SDK for Python). Default value: None |
Code Examples
This example configures CORS rules for bucket examplebucket.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 |
from obs import ObsClient from obs import CorsRule import os import traceback # Obtain an AK and SK pair using environment variables or import the AK and SK pair in other ways. Using hard coding may result in leakage. # Obtain an AK and SK pair on the management console. For details, see https://support.huaweicloud.com/intl/en-us/usermanual-ca/ca_01_0003.html. ak = os.getenv("AccessKeyID") sk = os.getenv("SecretAccessKey") # (Optional) If you use a temporary AK and SK pair and a security token to access OBS, obtain them from environment variables. security_token = os.getenv("SecurityToken") # Set server to the endpoint corresponding to the bucket. Here uses CN-Hong Kong as an example. Replace it with the one in use. server = "https://obs.ap-southeast-1.myhuaweicloud.com" # Create an obsClient instance. # If you use a temporary AK and SK pair and a security token to access OBS, you must specify security_token when creating an instance. obsClient = ObsClient(access_key_id=ak, secret_access_key=sk, server=server) try: # Specify CORS rules. cors1 = CorsRule(id='rule1', allowedMethod=['PUT', 'POST', 'GET', 'DELETE', 'HEAD'], allowedOrigin=['obs.hostname', 'obs.hostname1'], allowedHeader=['obs-header-1'], maxAgeSecond=60) cors2 = CorsRule(id='rule2', allowedMethod=['PUT', 'POST', 'GET'], allowedOrigin=['obs.hostname', 'obs.hostname1'], allowedHeader=['header-1', 'header-2'], maxAgeSecond=50, exposeHeader=['head1']) corsList = [cors1, cors2] bucketName = "examplebucket" # Configure CORS for the bucket. resp = obsClient.setBucketCors(bucketName, corsList) # If status code 2xx is returned, the API is called successfully. Otherwise, the API call fails. if resp.status < 300: print('Set Bucket Cors Succeeded') print('requestId:', resp.requestId) else: print('Set Bucket Cors Failed') print('requestId:', resp.requestId) print('errorCode:', resp.errorCode) print('errorMessage:', resp.errorMessage) except: print('Set Bucket Cors Failed') print(traceback.format_exc()) |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
