Header Name | Description | Type | Mandatory |
Authorization | Signature information that carries authentication information to verify the legitimacy of the request. For public read objects, you do not need to carry this header. If you transmit the authentication information through request parameters, you do not need to carry this header. For details, see Request Signature. | string | Yes For public read objects or authentication information transmitted through request parameters, this header is optional. |
Content-Length | Content length of an HTTP request defined in RFC 2616, which is measured in bytes. | integer | For PUT and POST requests (excluding PUT Object requests specifying the Transfer-Encoding request header), this header is mandatory. For GET, HEAD, DELETE, and OPTIONS requests, this header cannot be specified. |
Content-Type | HTTP request content type (MIME) defined in RFC 2616, such as application/xml or image/jpeg. | string | For PUT and POST requests that contain a request body, this header is mandatory. For GET, HEAD, DELETE, and OPTIONS requests, this header cannot be specified. |
Content-MD5 | Base64 encoding format of the 16-byte binary MD5 hash value of the request body content defined in RFC 1864, which is used for integrity checks to verify whether the request body has undergone changes during transmission. The final value length should be 24 characters. Ensure that the correct methods and parameters are used when writing code. For instance, ZzD3iDJdrMAAb00lgLLeig==. | string | For PUT and POST requests that have a request body (excluding POST Object), this header is mandatory. For GET, HEAD, DELETE, and OPTIONS requests, this header cannot be specified. |
Date | Current time in GMT format defined in RFC 1123, for instance, Wed, 29 May 2019 04:10:12 GMT. | string | No |
Host | Requested host, formatted as <BucketName-APPID>.cos.<Region>.myqcloud.com. | string | Yes |
x-cos-security-token | Security token field required when the temporary security credentials are used. For details, refer to the instructions related to temporary security credentials. | string | No When temporary keys are used and authentication information are carried via Authorization, this header is mandatory. |
Header Name | Description | Type | Mandatory |
x-cos-server-side-encryption | SSE algorithm, which is specified as AES256 when SSE-COS is used. | string | When uploading or duplicating objects (including simple uploading/duplication and multipart uploading/duplication), carrying this header will employ SSE-COS encryption. If this header is not carried, encryption will be implemented based on the bucket encryption configuration. This header cannot be specified when you download objects. |
Header Name | Description | Type | Mandatory |
x-cos-server-side-encryption | SSE algorithm, which is specified as cos/kms when SSE-KMS is used. | string | When uploading or duplicating objects (including simple uploading/duplication and multipart uploading/duplication), carrying this header will employ SSE-KMS encryption. If this header is not carried, encryption will be implemented based on the bucket encryption configuration. This header cannot be specified when you download objects. |
x-cos-server-side-encryption-cos-kms-key-id | When the value of x-cos-server-side-encryption is cos/kms, this header is used to designate the user primary key CMK of KMS. If this header is not specified, the default CMK created by COS is used. For more details, refer to SSE-KMS Encryption. | string | No |
x-cos-server-side-encryption-context | When the value of x-cos-server-side-encryption is cos/kms, this header is used to specify the encryption context. The value is the Base64 encoding of the JSON formatted encryption context key-value pair. For instance, eyJhIjoiYXNkZmEiLCJiIjoiMTIzMzIxIn0= . | string | No |
Header Name | Description | Type | Mandatory |
x-cos-server-side-encryption-customer-algorithm | SSE algorithm. Currently only AES256 is supported. | string | Yes |
x-cos-server-side-encryption-customer-key | Base64 encoding of the SSE key. For instance, MDEyMzQ1Njc4OUFCQ0RFRjAxMjM0NTY3ODlBQkNERUY= . | string | Yes |
x-cos-server-side-encryption-customer-key-MD5 | MD5 hash value of the SSE key, which is encoded in Base64. For instance, U5L61r7jcwdNvT7frmUG8g== . | string | Yes |
Header Name | Description | Type | Mandatory |
x-cos-object-lock-retain-until-date | Sets the object lock period, which is a timestamp used for setting the specific retention period. The value is represented in accordance with the ISO8601 standard and requires the use of the UTC time. For instance, 2022-02-17T10:30:09.000Z . | String | Yes |
x-cos-object-lock-mode | Sets the object lock mode. The COMPLIANCE mode is supported. | String | Yes |
Was this page helpful?