All Products
Document Center

Configure CORS for Alibaba Cloud CDN

Last Updated: Jan 29, 2018

CDN currently supports whitelist configuration feature for CORS cross-region access. See below for how to complete CORS configuration when using CDN products, and a few notes while using CORS.

Step 1: In the list of Domain names, click the domain name to which you want to add CORS configuration, and enter the Domain Names interface:


Step 2: Select “Set HTTP Headers” and click “Add HTTP Header”:


Step 3: Under Parameters Configuration, select parameter Access-Control-Allow-Origin:


Step 4: Parameters configuration Access-Control-Allow-Methods:


Notes for CORS cross-region access configuration in CDN:

  • Currently does not support adding wildcards to domain names, e.g. * Only supports exact match of domain names.

  • Currently supports configuration of only one domain name whitelist.

  • When using the OSS product as the origin site, and CORS is configured on both OSS and CDN platforms, the configuration of CDN would take precedent over that of the OSS.

  • If using your own server or ECS product as the origin site, you are advised to perform static-dynamic separation first. Use CDN for static files. The CORS configuration set in the CDN Console is only enabled for static files.