Cross-origin resource sharing (CORS) allows web applications to access resources that belong to different regions. OSS provides CORS operations to facilitate cross-origin access control.

Note For more information, see Set CORS rules in OSS Developer Guide and visit GitHub.

Configure CORS rules

The following code provides an example on how to configure CORS rules for a specific bucket:

let oss = require('ali-oss');

const client = oss({
  accessKeyId: 'your access key',
  accessKeySecret: 'your access secret',
  bucket: 'your bucket name',
  region: 'oss-cn-hangzhou'
})
client.putBucketCORS('hello', [
  {
    allowedOrigin: '*',
    allowedMethod: [
      'GET',
      'HEAD',
    ],
  }
]).then((result) => {});

For more information about how to configure CORS rules, see PutBucketCORS.

Query CORS rules

The following code provides an example on how to query CORS rules configured for a specific bucket:

let OSS = require('ali-oss');
const client = new OSS({
  region: 'your region',
  accessKeyId: 'your accessKeyId',
  accessKeySecret: 'your accessKeySecret',
})
client.getBucketCORS('bucketName').then((res) => {
  console.log(res);
}).catch(e => {
  console.log(e)
})

For more information about how to query CORS rules, see GetBucketCORS.

Delete CORS rules

The following code provides an example on how to delete the CORS rules configured for a specific bucket:

let OSS = require('ali-oss');
const client = new OSS({
  region: 'your region',
  accessKeyId: 'your accessKeyId',
  accessKeySecret: 'your accessKeySecret',
})
client.deleteBucketCORS('bucketName').then((res) => {
  console.log(res);
}).catch(e => {
  console.log(e)
})

For more information about how to delete CORS rules, see DeleteBucketCORS.