All Products
Search
Document Center

Object Storage Service:CORS

Last Updated:Oct 10, 2023

Cross-origin resource sharing (CORS) is a standard cross-origin solution provided by HTML5 to allow web application servers to control cross-origin access and secure cross-origin data transmission.

Configure CORS rules

The following code provides an example on how to configure cross-origin resource sharing (CORS) rules for a specific bucket:

require 'aliyun/oss' client = Aliyun::OSS::Client.new( # In this example, the endpoint of the China (Hangzhou) region is used. Specify your actual endpoint. endpoint: 'https://oss-cn-hangzhou.aliyuncs.com', # Obtain access credentials from environment variables. Before you run the sample code, make sure that the OSS_ACCESS_KEY_ID and OSS_ACCESS_KEY_SECRET environment variables are configured. access_key_id: ENV['OSS_ACCESS_KEY_ID'], access_key_secret: ENV['OSS_ACCESS_KEY_SECRET'] ) # Specify the name of the bucket. Example: examplebucket. bucket = client.get_bucket('examplebucket') # Configure CORS rules. bucket.cors = [ Aliyun::OSS::CORSRule.new( # Specify the origin from which you want to allow cross-origin requests. Example: http://example.com. :allowed_origins => ['http://example.com', 'http://example.net'], # Specify the methods that can be used to send cross-origin requests, including GET, PUT, DELETE, POST, and HEAD. :allowed_methods => ['PUT', 'POST', 'GET'], # Specify the headers that are allowed in OPTIONS preflight requests. Example: x-oss-test. :allowed_headers => ['x-oss-test'], # Specify the response headers for allowed access requests from applications. :expose_headers => ['x-oss-test1'], # Specify the period of time in which the browser can cache the response for an OPTIONS preflight request for specific resources. Unit: seconds. :max_age_seconds => 100) ]

Query CORS rules

The following code provides an example on how to query CORS rules that are configured for a specific bucket:

require 'aliyun/oss' client = Aliyun::OSS::Client.new( # In this example, the endpoint of the China (Hangzhou) region is used. Specify your actual endpoint. endpoint: 'https://oss-cn-hangzhou.aliyuncs.com', # Obtain access credentials from environment variables. Before you run the sample code, make sure that the OSS_ACCESS_KEY_ID and OSS_ACCESS_KEY_SECRET environment variables are configured. access_key_id: ENV['OSS_ACCESS_KEY_ID'], access_key_secret: ENV['OSS_ACCESS_KEY_SECRET'] ) # Specify the name of the bucket. Example: examplebucket. bucket = client.get_bucket('examplebucket') cors = bucket.cors puts cors.map(&:to_s)

Delete CORS rules

The following code provides an example on how to delete CORS rules that are configured for a specific bucket:

require 'aliyun/oss' client = Aliyun::OSS::Client.new( # In this example, the endpoint of the China (Hangzhou) region is used. Specify your actual endpoint. endpoint: 'https://oss-cn-hangzhou.aliyuncs.com', # Obtain access credentials from environment variables. Before you run the sample code, make sure that the OSS_ACCESS_KEY_ID and OSS_ACCESS_KEY_SECRET environment variables are configured. access_key_id: ENV['OSS_ACCESS_KEY_ID'], access_key_secret: ENV['OSS_ACCESS_KEY_SECRET'] ) # Specify the name of the bucket. Example: examplebucket. bucket = client.get_bucket('examplebucket') bucket.cors = []

References

  • For more information about the API operation that you can call to configure CORS rules, see PutBucketCors.

  • For more information about the API operation that you can call to query CORS rules, see GetBucketCors.

  • For more information about the API operation that you can call to delete CORS rules, see DeleteBucketCors.