Cross-origin resource sharing (CORS) is a standard cross-origin solution provided by HTML5 to allow web application servers to control cross-origin access. This way, the security of data transmission across origins is ensured. This topic describes how to run the cors command to add, modify, query, or delete CORS configurations for a bucket.

Note
  • Sample command lines in this topic are based on the 64-bit Linux system. For other systems, replace ./ossutil64 in the commands with the corresponding binary name. For more information, see ossutil.
  • For more information about CORS, see Configure CORS in Object Storage Service (OSS) Developer Guide.

Add or modify CORS configurations for a bucket

If no CORS configurations are added for a bucket, you can run the cors command to add CORS configurations for a bucket. If CORS configurations are added for a bucket, you can run the cors command to overwrite the existing CORS configurations.

To add or modify CORS configurations for a bucket, perform the following steps:

  1. Create a local file. Specify the CORS rules that you want to add in the local file.
  2. Use ossutil to read CORS configurations from the local file, and then add the CORS configurations for the specified bucket.

To add or modify CORS configurations for a bucket, use the following command syntax:

  • Command syntax
    ./ossutil64 cors --method put oss://bucketname local_xml_file

    The following table describes the parameters that you can configure when you run the cors command.

    Parameter Description
    bucketname The name of the bucket for which you want to add or modify CORS configurations.
    local_xml_file The name of the local file where CORS rules are configured. Example: localfile.txt.
  • Examples
    1. Create a file named localfile.txt on the local computer and configure different CORS rules in the file.

      In the following example, AllowedOrigin is set to www.aliyun.com, AllowedMethod is set to PUT, and MaxAgeSeconds is set to 10000. MaxAgeSeconds specifies the time in seconds the browser can cache the response to a preflight (OPTIONS) request to a specific resource. 

      <?xml version="1.0" encoding="UTF-8"?>
   <CORSConfiguration>
     <CORSRule>
         <AllowedOrigin>www.aliyun.com</AllowedOrigin>
         <AllowedMethod>PUT</AllowedMethod>
         <MaxAgeSeconds>10000</MaxAgeSeconds>
     </CORSRule>
 </CORSConfiguration>
    2. Add a CORS rule for a bucket named examplebucket. 
      ./ossutil64 cors --method put oss://examplebucket localfile.txt

      If a similar output is displayed, the CORS rule is added for examplebucket. 

      0.299514(s) elapsed

Query CORS configurations for a bucket

  • Command syntax
    ./ossutil64 cors --method get oss://bucketname [local_xml_file]

    The following table describes the parameters that you can configure when you run this command.

    Parameter Description
    bucketname The name of the bucket for which you want to query CORS configurations.
    local_xml_file The name of the local file used to store the CORS configurations. Example: localfile.txt. If this parameter is not specified, the CORS configurations that are obtained are directly displayed.
  • Examples

    You can run the following command to query the CORS configurations of a bucket named examplebucket: 

    ./ossutil64 cors --method get oss://examplebucket localfile.txt

    If a similar output is displayed, the CORS configurations of examplebucket are obtained and stored in localfile.txt. 

    0.212407(s) elapsed

Delete CORS configurations for buckets

  • Command syntax
    ./ossutil64 cors --method delete oss://bucketname
  • Examples

    Delete the CORS configurations of examplebucket. 

    ./ossutil64 cors --method delete oss://examplebucket

    If a similar output is displayed, the CORS configurations of examplebucket are deleted. 

    0.530750(s) elapsed

Common options

To use ossutil to manage buckets that are located in different regions, you can use the -e option to use the endpoint of the specified bucket. To use ossutil to manage buckets that are owned by different Alibaba Cloud accounts, you can use the -i option to use the AccessKey ID of the specified account, and use the -k option to use the AccessKey secret of the specified account.

For example, you can run the following command to add CORS configurations for a bucket named testbucket, which is located in the China (Hangzhou) region and is owned by another Alibaba Cloud account: 

./ossutil64 cors --method put oss://testbucket localfile.txt -e oss-cn-hangzhou.aliyuncs.com -i LTAI4Fw2NbDUCV8zYUzA****  -k 67DLVBkH7EamOjy2W5RVAHUY9H****

For more information about other common options that you can use for the cors command, see Common options.