OPTIONS /<ObjectKey> HTTP/1.1Host: <BucketName-APPID>.cos.<Region>.myqcloud.comDate: GMT DateOrigin: OriginAccess-Control-Request-Method: RequestMethod
ObjectKey
) is specified. You can also specify any other resources in the bucket, such as OPTIONS / HTTP/1.1
or OPTIONS /?lifecycle HTTP/1.1
.Host: <BucketName-APPID>.cos.<Region>.myqcloud.com
, <BucketName-APPID> is the bucket name followed by the APPID, such as examplebucket-1250000000
(see Bucket Overview > Basic Information and Bucket Overview > Bucket Naming Conventions), and <Region> is a COS region (see Regions and Access Endpoints).Header | Description | Type | Required |
Origin | Domain that initiates the CORS request | string | Yes |
Access-Control-Request-Method | Method used for the CORS request | string | Yes |
Access-Control-Request-Headers | HTTP request headers used for the CORS request. You can use commas (,) to separate multiple headers (case-insensitive). | string | No |
Header | Description | Type |
Access-Control-Allow-Origin | Domains that are allowed to send a CORS request. Valid values: * : all domainsDomains specified in the Origin request header | string |
Access-Control-Allow-Methods | Methods allowed for the CORS request. Multiple methods are separated by commas (,). | string |
Access-Control-Expose-Headers | HTTP response headers (case-insensitive) of CORS requests that the browser can get. Multiple headers are separated by commas (,). | string |
Access-Control-Max-Age | Validity period of the CORS configuration, in seconds. Within the validity period, the browser does not need to issue a preflight request again for the same request. | integer |
PUT Object
OPTIONS /exampleobject HTTP/1.1Host: examplebucket-1250000000.cos.ap-beijing.myqcloud.comDate: Thu, 09 Jul 2020 14:49:22 GMTOrigin: https://example.comAccess-Control-Request-Method: PUTAccess-Control-Request-Headers: content-md5,content-type,x-cos-meta-authorConnection: close
HTTP/1.1 200 OKContent-Length: 0Connection: closeAccess-Control-Allow-Credentials: trueAccess-Control-Allow-Headers: content-md5,content-type,x-cos-meta-authorAccess-Control-Allow-Methods: PUT,GET,POST,DELETE,HEADAccess-Control-Allow-Origin: https://example.comAccess-Control-Expose-Headers: Content-Length,ETag,x-cos-meta-authorAccess-Control-Max-Age: 600Date: Thu, 09 Jul 2020 14:49:22 GMTServer: tencent-cosx-cos-request-id: NWYwNzJlNzJfODRjOTJhMDlfMjU0MWNfMTNmZDM5****
GET Object
carries the range
request headerOPTIONS /exampleobject HTTP/1.1Host: examplebucket-1250000000.cos.ap-beijing.myqcloud.comDate: Thu, 09 Jul 2020 14:49:22 GMTOrigin: https://example.comAccess-Control-Request-Method: GETAccess-Control-Request-Headers: rangeConnection: close
HTTP/1.1 200 OKContent-Length: 0Connection: closeAccess-Control-Allow-Headers: range,x-cos-server-side-encryption-customer-algorithm,x-cos-server-side-encryption-customer-key,x-cos-server-side-encryption-customer-key-md5Access-Control-Allow-Methods: GET,HEADAccess-Control-Allow-Origin: *Access-Control-Expose-Headers: Content-Length,ETag,x-cos-meta-authorAccess-Control-Max-Age: 600Date: Thu, 09 Jul 2020 14:49:22 GMTServer: tencent-cosx-cos-request-id: NWYwNzJlNzJfZDUyNzVkNjRfYTA2Ml8yNGEz****
PUT Bucket lifecycle
OPTIONS /?lifecycle HTTP/1.1Host: examplebucket-1250000000.cos.ap-beijing.myqcloud.comDate: Thu, 09 Jul 2020 14:29:40 GMTOrigin: https://bar.comAccess-Control-Request-Method: PUTAccess-Control-Request-Headers: content-md5,content-typeConnection: close
HTTP/1.1 200 OKContent-Length: 0Connection: closeAccess-Control-Allow-Credentials: trueAccess-Control-Allow-Headers: content-md5,content-typeAccess-Control-Allow-Methods: PUT,GET,POST,DELETE,HEADAccess-Control-Allow-Origin: https://bar.comAccess-Control-Expose-Headers: Content-Length,ETag,x-cos-meta-authorAccess-Control-Max-Age: 600Date: Thu, 09 Jul 2020 14:29:40 GMTServer: tencent-cosx-cos-request-id: NWYwNzI5ZDRfNjFiMDJhMDlfYzk2NF8xYmZl****
OPTIONS /exampleobject HTTP/1.1Host: examplebucket-1250000000.cos.ap-beijing.myqcloud.comDate: Thu, 09 Jul 2020 11:45:26 GMTOrigin: https://example.comAccess-Control-Request-Method: PUTConnection: close
HTTP/1.1 403 ForbiddenContent-Type: application/xmlContent-Length: 687Connection: closeDate: Thu, 09 Jul 2020 11:45:26 GMTServer: tencent-cosx-cos-request-id: NWYwNzAzNTZfNzNjODJhMDlfMzRiM2ZfMThjMjk4****x-cos-trace-id: OGVmYzZiMmQzYjA2OWNhODk0NTRkMTBiOWVmMDAxODc0OWRkZjk0ZDM1NmI1M2E2MTRlY2MzZDhmNmI5MWI1OWE4OGMxZjNjY2JiNTBmMTVmMWY1MzAzYzkyZGQ2ZWM4OWM4Y2M5MzI5ZmUzN2FjZDk1OTRjYWI5Yjg5OTJlZDA=<?xml version='1.0' encoding='utf-8' ?><Error><Code>AccessForbidden</Code><Message>CORSResponse: This CORS request is not allowed. This is usually because the evalution of Origin, request method / Access-Control-Request-Method or Access-Control-Requet-Headers are not whitelisted by the resource's CORS spec</Message><Resource>examplebucket-1250000000.cos.ap-beijing.myqcloud.com/exampleobject</Resource><RequestId>NWYwNzAzNTZfNzNjODJhMDlfMzRiM2ZfMThjMjk4****</RequestId><TraceId>OGVmYzZiMmQzYjA2OWNhODk0NTRkMTBiOWVmMDAxODc0OWRkZjk0ZDM1NmI1M2E2MTRlY2MzZDhmNmI5MWI1OWE4OGMxZjNjY2JiNTBmMTVmMWY1MzAzYzkyZGQ2ZWM4OWM4Y2M5MzI5ZmUzN2FjZDk1OTRjYWI5Yjg5OTJlZDA=</TraceId></Error>
Was this page helpful?