Domain Name Compliance Issues

Last updated: 2025-12-17 16:09:36

Domain Name Compliance Issues

Last updated: 2025-12-17 16:09:36

path-style Issues Related to Domain Name
1. Whether COS Bucket Supports Using path-style Domain Name?
To ensure the security and stability of the overall service, buckets created after January 1, 2024 do not support path-style domains. Buckets created before January 1, 2024 remain unaffected and continue to support path-style domains, but it is recommended that you prioritize using virtual-hosted-style domains. For details, refer to the notice COS Bucket Domain Security Management Notice.
2. How to Determine Whether You Are Using a path-style Domain
Method 1: Determine via the object URL or access domain.
A path-style domain is in the form of: cos.<Region>.myqcloud.com/<BucketName-APPID>.
A virtual-hosted-style domain is in the form of: <BucketName-APPID>.cos.<Region>.myqcloud.com.
Method 2: Determine through logs that the log records of path-style requests meet the following conditions.
The eventSource field: The format of the access domain is similar to cos.<Region>.myqcloud.com, for example, cos.ap-guangzhou.myqcloud.com.
The eventName field: The event name is not GetService.
3. How to Switch from a path-style Domain to a virtual-hosted-style Domain Using the SDK?
COS Mini Program, JavaScript, Node.js, Android, and iOS SDKs support the use of path-style domains. Taking the Mini Program SDK as an example, the steps to switch are as follows:
Step 1: During SDK instantiation, change ForcePathStyle:true to ForcePathStyle:false, or remove this parameter. For example:
new COS({ ForcePathStyle: false }) 
new COS({}) 
Step 2: For the Mini Program SDK, you also need to configure the bucket domain <BucketName-Appid>.cos.<Region>.myqcloud.com as an allowlist domain on the WeChat Open Platform.
 4. How Errors Will Be Reported When path-style domains are used to access buckets created after January 1, 2024
An example of an error request is as follows.
GET /bucket-125000000/test.txt HTTP/1.1
Host: cos.ap-guangzhou.myqcloud.com
﻿
HTTP/1.1 403 Forbidden
﻿
<?xml version="1.0" encoding="UTF-8"?>
<Error>
    <Code>PathStyleDomainForbidden</Code>
    <Message>The bucket you are attempting to access must be addressed using COS virtual-styled domain.</Message>
</Error>
﻿
Issues Related to Previewing the Default Domain and Download Capabilities
1. Does the Default Domain of a COS Bucket Support Previewing Objects and Downloading apk/ipa Files in Browsers?
To ensure the security and stability of the overall service, for buckets created after January 1, 2024, when objects are accessed using COS default domains (including bucket default domains, static website domains, and global acceleration domains), files of any type cannot be previewed, and apk/ipa files cannot be downloaded. For details, refer to the notice COS Bucket Domain Usage Security Management Notice.
For buckets created after January 1, 2024, if users access objects using default domains, COS adds the following two Headers in the response headers, thus preventing direct file preview in browsers when using default domains.
x-cos-force-download:true
Content-Disposition: attachment
For buckets created after January 1, 2024, if users access apk/ipa files (with file extensions .apk or .ipa) using the default domain, the download request will return an error. An example of the error message is as follows:
HTTP/1.1 400 Bad Request
﻿
<?xml version="1.0" encoding="UTF-8"?>
<Error>
    <Code>DownloadForbidden</Code>
    <Message>The APK/IPA file is not allowed to be distributed in a public network using COS default domain, please use custom domain instead.</Message>
</Error>
2. Whether Buckets Created Before January 1, 2024 Support Browser Preview and apk/ipa Download When default domains are used
Buckets created before January 1, 2024 are unaffected by the default domain, but it is recommended that you prioritize using a custom domain.
3. Which Default Domains Are Affected?
The bucket domains, static website domains, and global acceleration domains provided directly by COS are all affected.
Domain name
Format Sample
bucket domain
<Bucket-Appid>.cos.<Region>.myqcloud.com
domain for static websites
<Bucket-Appid>.cos-website.<Region>.myqcloud.com
domain for global acceleration
<Bucket-Appid>.cos.accelerate.myqcloud.com
4. Does CDN Domain Support Browser Preview, and Do apk/ipa Files Support Download?
Tencent Cloud CDN
If Tencent Cloud CDN is used with the origin server configured as a COS bucket, the preview and download behaviors via the CDN domain will not be affected. Files of apk/ipa types can be downloaded normally through the CDN domain.
third-party CDN
If a third-party CDN service pulls content from a COS bucket and the origin is configured with the COS default domain, it will be affected.
5. Whether Private Network Access to the Default Domain Supports Browser Preview, and Whether apk/ipa File Types Support Download?
Private network access is unaffected.
6. Does Preview Support Exist for Custom Domains in Browsers, and Are Downloads Supported for apk/ipa File Types?
Supported.
7. How Can Files in Buckets Created After January 1, 2024, Be Previewed Normally in a Browser?
For buckets created after January 1, 2024, users need to configure a custom domain for the bucket to preview files properly. For custom domain configuration, see Enabling Custom Origin Domain.
Additionally, users need to specify the correct Content-Type header for the file, and the parameter value of Content-Disposition cannot be "attachment". When the browser supports the file format, it will open the file directly instead of downloading it. 
8. Will the Use of Static Websites Be Affected?
For buckets created after January 1, 2024, accessing for preview via default domains (including static website domains) will be restricted. Consequently, features such as index documents and error documents for static websites will be significantly affected.
To properly use the static website feature, you need to configure a custom domain for the bucket and set the origin to static website. For details, see Enabling Custom Origin Domain.
9. How to Download apk/ipa Files Normally for Buckets Created After January 1, 2024?
For buckets created after January 1, 2024, users need to configure a custom domain for the bucket to preview files properly. For custom domain configuration, see Enabling Custom Origin Domain.
﻿

Was this page helpful?

You can also Contact Sales or Submit a Ticket for help.

Yes

Feedback

Domain name	Format Sample
bucket domain	<Bucket-Appid>.cos.<Region>.myqcloud.com
domain for static websites	<Bucket-Appid>.cos-website.<Region>.myqcloud.com
domain for global acceleration	<Bucket-Appid>.cos.accelerate.myqcloud.com

tencent cloud

path-style Issues Related to Domain Name

1. Whether COS Bucket Supports Using path-style Domain Name?

2. How to Determine Whether You Are Using a path-style Domain

3. How to Switch from a path-style Domain to a virtual-hosted-style Domain Using the SDK?

4. How Errors Will Be Reported When path-style domains are used to access buckets created after January 1, 2024

﻿

Issues Related to Previewing the Default Domain and Download Capabilities

1. Does the Default Domain of a COS Bucket Support Previewing Objects and Downloading apk/ipa Files in Browsers?

2. Whether Buckets Created Before January 1, 2024 Support Browser Preview and apk/ipa Download When default domains are used

3. Which Default Domains Are Affected?

4. Does CDN Domain Support Browser Preview, and Do apk/ipa Files Support Download?

5. Whether Private Network Access to the Default Domain Supports Browser Preview, and Whether apk/ipa File Types Support Download?

6. Does Preview Support Exist for Custom Domains in Browsers, and Are Downloads Supported for apk/ipa File Types?

7. How Can Files in Buckets Created After January 1, 2024, Be Previewed Normally in a Browser?

8. Will the Use of Static Websites Be Affected?

9. How to Download apk/ipa Files Normally for Buckets Created After January 1, 2024?