CORS#

An object storage allows you to set up cross-domain requests (Cross-Origin Resource Sharing, CORS) to objects in a bucket. CORS configuration is specified in an XML document that defines the request sources and the methods they can use to work with the bucket.

PutBucketCors#

Sets the CORS configuration for the bucket. Any already existing configuration will be overwritten.

Sample Request#

Enables PUT and POST requests from https://user.domain.com and GET requests from all domains.

Request
PUT /bucket1/?cors=null HTTP/1.1
Host: s3.k2.cloud
X-Amz-Content-Sha256: beaead3198f7da1e70d03ab969765e0821b24fc913697e929e726aeaebf0eba3
X-Amz-Date: 20220531T161223Z
Authorization: AWS4-HMAC-SHA256 Credential=project:user@company/20220531/{region}/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=9ee865946317c62360192a2be260a11f94a7e4f90242f61e04668114a673429a
Content-Type: text/plain
Content-Length: 503

<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
    <CORSRule>
        <AllowedOrigin>>https://user.domain.com</AllowedOrigin>
        <AllowedMethod>PUT</AllowedMethod>
        <AllowedMethod>POST</AllowedMethod>
    </CORSRule>
    <CORSRule>
       <AllowedOrigin>*</AllowedOrigin>
       <AllowedMethod>GET</AllowedMethod>
    </CORSRule>
</CORSConfiguration>

Sample Response#

Response
HTTP/1.1 200 OK
x-amz-request-id: tx0000000000000071b53a9-006296456b-37d64f12-default
content-type: application-xml
content-length: 0
date: Tue, 31 May 2022 10:26:24 GMT

GetBucketCors#

Returns CORS configuration for the bucket.

Sample Request#

Request
GET /bucket1/?cors=null HTTP/1.1
Host: s3.k2.cloud
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20220601T072654Z
Authorization: AWS4-HMAC-SHA256 Credential=project:user@company/20220601/{region}/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=99865af42e46017e4c3182f797fbb083727b519e122beccb70bb45f3e5722da4

Sample Response#

Response
 HTTP/1.1 200 OK
 x-amz-request-id: tx000000000000007f1d3ff-00629714bd-41e627a3-default
 content-type: application-xml
 content-length: 317
 date: Wed, 01 Jun 2022 07:26:53 GMT

 <CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
  <CORSRule>
      <AllowedMethod>PUT</AllowedMethod>
      <AllowedMethod>POST</AllowedMethod>
      <AllowedOrigin>https://user.domain.com</AllowedOrigin>
  </CORSRule>
  <CORSRule>
      <AllowedMethod>GET</AllowedMethod>
      <AllowedOrigin>*</AllowedOrigin>
  </CORSRule>
</CORSConfiguration>

DeleteBucketCors#

Deletes CORS configuration from the bucket.

Sample Request#

Request
DELETE /bucket1/?cors=null HTTP/1.1
Host: s3.k2.cloud
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20220601T074456Z
Authorization: AWS4-HMAC-SHA256 Credential=project:user@company/20220601/{region}/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=8871c0fdae09ee6f3ef6e997536f1c33febbb224aad1831c3e21130259d3ac4b

Sample Response#

Response
HTTP/1.1 204 No Content
x-amz-request-id: tx000000000000007fa7168-00629718f8-40173986-default
date: Wed, 01 Jun 2022 07:44:56 GMT