API | Operation | Description |
Configuring a preflight request for cross-origin access | Sends a preflight request to check whether a real cross-origin access request can be sent |
OPTIONS Object
) is used to send a preflight request to check the CORS configuration of an object. Before making an actual CORS request, you can send an OPTIONS request that includes the source origin, HTTP method, and headers to COS to determine whether an actual CORS request can be sent. If there is no CORS configuration, "403 Forbidden" will be returned. You can enable CORS for a bucket using the PUT Bucket cors
API.cos.optionsObject({Bucket: 'examplebucket-1250000000', /* Your bucket name. Required. */Region: 'COS_REGION', /* Bucket region, such as `ap-beijing`. Required. */Key: '1.jpg', /* Object key stored in the bucket (such as `1.jpg` and `a/b/test.txt`). Required. */Origin: 'https://www.qq.com', /*Required*/AccessControlRequestMethod: 'PUT', /*Required*/AccessControlRequestHeaders: 'origin,accept,content-type' /*Optional*/}, function(err, data) {console.log(err || data);});
Parameter | Description | Type | Required |
Bucket | Bucket name in the format of BucketName-APPID | String | Yes |
Region | String | Yes | |
Key | Object key (object name), the unique ID of an object in a bucket. For more information, please see Object Overview. | String | Yes |
Origin | Origin domain name of the simulated CORS request | String | Yes |
AccessControlRequestMethod | HTTP method of the simulated CORS request | String | Yes |
AccessControlRequestHeaders | Headers of the simulated CORS request | String | No |
function(err, data) { ... }
Parameter | Description | Type |
err | Error code, which is returned when an error (network error or service error) occurs. If the request is successful, this parameter is empty. For more information, please see Error Codes. | Object |
- statusCode | HTTP status code, such as 200 , 403 , and 404 | Number |
- headers | Headers | Object |
data | Content returned when the request is successful. If the request fails, this parameter is empty. | Object |
- headers | Headers | Object |
- statusCode | HTTP status code, such as 200 , 403 , and 404 | Number |
- AccessControlAllowOrigin | Source origins (separated by commas) of the simulated CORS request. If the origins are not allowed, this header will not be returned. Example: * | String |
- AccessControlAllowMethods | HTTP methods (separated by commas) of the simulated CORS request (for example, PUT,GET,POST,DELETE,HEAD ). If the request method is not allowed, this header will not be returned. | String |
- AccessControlAllowHeaders | Headers (separated by commas) of the simulated CORS request (for example, accept,content-type,origin,authorization ). If none of the stimulated request headers is allowed, this header will not be returned. | String |
- AccessControlExposeHeaders | Headers (separated by commas) returned if CORS is supported. Example: ETag | String |
- AccessControlMaxAge | The validity duration of results returned by the OPTIONS request, e.g. 3600 | String |
- OptionsForbidden | Whether the OPTIONS request is forbidden. It is true if the HTTP status code 403 is returned. | Boolean |
Apakah halaman ini membantu?