PutBucketCORS

Prev Next

Available in Classic and VPC

Create new Cross-Origin Resource Sharing (CORS) settings or edit existing settings to apply to buckets in Object Storage.
Applying ACLs allows you to grant different sets of permissions to different storage accounts based on the account's identity or by using a predefined ACL (default ACL).

Requests

The following describes the request format for the endpoint. The request format is as follows.

Method URI
PUT {bucket-name}

Request syntax

The request syntax is as follows.

PUT https://{endpoint}/{bucket-name}?cors= # path style
PUT https://{bucket-name}.{endpoint}?cors= # virtual host style

Request headers

The following describes the bucket ACL settings API headers. For headers common to all Object Storage APIs, see Object Storage common headers.

Note

The Content-MD5 header is required to create a Cross-Origin Resource Sharing (CORS) setting or edit an existing setting.

Request path parameters

The following describes the parameters.

Field Type Required Description
bucket-name String Required Name of the bucket to create or edit CORS on

Request query parameters

The following describes the parameters.

Field Type Required Description
cors String Optional Set or edit Cross-Origin Resource Sharing (CORS)

Request body

The XML block that defines the core elements of CORS (AllowedOrigin, AllowedMethod) has the following two payload elements.

Element Name Required Type Restrictions Description
MaxAgeSeconds - String - Maximum response time (in seconds) for a pre-flight OPTIONS request for the specified resource
ExposeHeader - String - Define headers to be displayed to external applications

Request example

The following is a sample request.

GET /{bucket-name}?cors= HTTP/1.1
Content-Type: text/plain
Host: kr.object.ncloudstorage.com
X-amz-date: {Timestamp}
x-amz-content-sha256: {hash-string}
Content-MD5: {md5-string}
Authorization: {authorization-string}
Content-Length: 237

<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
    <CORSRule>
        <AllowedOrigin>http://www.example.com</AllowedOrigin>
        <AllowedMethod>POST</AllowedMethod>
        <AllowedMethod>GET</AllowedMethod>
        <AllowedMethod>PUT</AllowedMethod>
        <AllowedMethod>DELETE</AllowedMethod>
        <AllowedMethod>HEAD</AllowedMethod>
        <AllowedHeader>*</AllowedHeader>
        <ExposeHeader>ETag</ExposeHeader>
    </CORSRule>
</CORSConfiguration>

Responses

The following describes the response format.

Response headers

For response headers common to all Object Storage APIs, see Object Storage common response headers.

Response status codes

For response status codes common to all Object Storage APIs, see Object Storage response status codes.

Response example

The following is a sample response.

HTTP/1.1 200 OK
Date: Wed, 24 Aug 2016 17:45:25 GMT
x-amz-request-id: xxxxx-xxxxx-xxxxx-xxxxx-xxxxx
Content-Length: 0