Cross-origin resource sharing (CORS) is a standard cross-origin solution provided by HTML5 to allow web application servers to control cross-origin access. This way, the security of data transmission across origins is ensured. You can run the cors-options command to send HTTP OPTIONS requests to Object Storage Service (OSS) and check whether specific cross-origin requests are allowed.
Command syntax
./ossutil64 cors-options oss://bucketname/[objectname]
[--acr-method <value>]
[--origin <value>]
[--acr-headers <value>]
The following table describes the parameters that you can configure when you run the cors-options command.
Parameter | Description |
bucketname | The name of the bucket to access. |
objectname | The name of the object to access. |
--acr-method | The method that is allowed to use in the request. This parameter specifies the value of the |
--origin | The origins from which you want to allow cross-origin requests. Example: |
--acr-headers | Specifies the value of the |
Examples
You can run the following command to detect whether the examplebucket bucket allows a cross-origin request whose origin is http://www.aliyun.com
and request method is PUT
:
./ossutil64 cors-options --acr-method put --origin "http://www.aliyun.com" oss://examplebucket
A similar output is displayed if examplebucket allows the cross-origin request.
Access-Control-Allow-Methods: GET, POST, PUT
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 0
0.079520(s) elapsed
A similar output is displayed if examplebucket denies the cross-origin request.
Error: oss: service returned error: StatusCode=403, ErrorCode=AccessForbidden, ErrorMessage="CORSResponse: This CORS request is not allowed. This is usually
because the evalution of Origin, request method / Access-Control-Request-Method or Access-Control-Requet-Headers are not whitelisted by the resource's CORS
spec.", RequestId=60F7F55F553DA2363138****
Common options
If you use ossutil to switch to a bucket that is located in another region, add the -e option to the command to specify the endpoint of the region in which the specified bucket is located. If you use ossutil to switch to a bucket that belongs to another Alibaba Cloud account, you can add the -i option to the command to specify the AccessKey ID of the specified account, and add the -k option to the command to specify the AccessKey secret of the specified account.
To detect whether a bucket named testbucket allows a cross-origin request whose origin is http://www.alibabacloud.com
and request method is PUT
, run the following command:
./ossutil64 cors-options --acr-method put --origin "http://www.alibabacloud.com" oss:/testbucket -e oss-cn-hangzhou.aliyuncs.com -i LTAI4Fw2NbDUCV8zYUzA**** -k 67DLVBkH7EamOjy2W5RVAHUY9H****
For more information about other common options that you can use for the cors-options command, see Common options.