Updated on 2024-12-03 GMT+08:00

Configuring CORS

If you have any questions during development, post them on the Issues page of GitHub. For details about parameters and usage of each API, see the API Reference.

To use the OBS BrowserJS SDK to access a bucket, you must configure cross-origin resource sharing (CORS) for the bucket. The following configuration is recommended for the CORS rule.

Parameter

Value

Description

Allowed Origin

*

Allows all request origins.

NOTE:

You can also configure a domain name or IP address.

Allowed Method

PUT, GET, POST, DELETE, and HEAD

Allows all HTTP methods.

Allowed Header

*

Allows requests to carry any headers.

Expose Header

  • ETag
  • x-obs-request-id
  • x-obs-api
  • Content-Type
  • Content-Length
  • Cache-Control
  • Content-Disposition
  • Content-Encoding
  • Content-Language
  • Expires
  • x-obs-id-2
  • x-reserved-indicator
  • x-obs-version-id
  • x-obs-copy-source-version-id
  • x-obs-storage-class
  • x-obs-delete-marker
  • x-obs-expiration
  • x-obs-website-redirect-location
  • x-obs-restore
  • x-obs-version
  • x-obs-object-type
  • x-obs-next-append-position

Allows the response to return the specified additional headers.

NOTICE:

This parameter specifies the additional headers that a browser can expose to the client.

Take ETag as an example. It is not a standard response header, so to obtain its value, you need to add it in this parameter for the browser to return the value in the response.

For the detailed procedure for configuring CORS on each client tool, see here.