Release Notes and Announcements
- Release Notes
- Announcements
Product Introduction
Billing
- Billing Overview
- Billing Method
- Billable Items
- Free Tier
- Billing Examples
- Viewing and Downloading Bill
- Payment Overdue
- FAQs
Getting Started
- Console
- Getting Started with COSBrowser
User Guide
- Creating Request
- Bucket
- Object
- Data Management
- Batch Operation
- Global Acceleration
- Monitoring and Alarms
- Operations Center
- Data Processing
- Content Moderation
- Smart Toolbox
- Data Processing Workflow
- Application Integration
User Tools
- Tool Overview
- Installation and Configuration of Environment
- COSBrowser
- COSCLI (Beta)
- COSCMD
- COS Migration
- FTP Server
- Hadoop
- COSDistCp
- HDFS TO COS
- GooseFS-Lite Tool
- Online Tools
- Diagnostic Tool
Use Cases
- Overview
- Access Control and Permission Management
- Performance Optimization
- Accessing COS with AWS S3 SDK
- Data Disaster Recovery and Backup
- Domain Name Management Practice
- Image Processing
- Audio/Video Practices
- Workflow
- Direct Data Upload
- Content Moderation
- Data Security
- Data Verification
- Big Data Practice
- COS Cost Optimization Solutions
- Using COS in the Third-party Applications
Migration Guide
Data Lake Storage
- Cloud Native Datalake Storage
- Metadata Accelerator
- GooseFS
Data Processing
- Data Processing Overview
- Image Processing
- Media Processing
- Content Moderation
- File Processing Service
- File Preview
Troubleshooting
- Obtaining RequestId
- Slow Upload over Public Network
- 403 Error for COS Access
- Resource Access Error
- POST Object Common Exceptions
API Documentation
- Introduction
- Common Request Headers
- Common Response Headers
- Error Codes
- Request Signature
- Action List
- Service APIs
- Bucket APIs
- Object APIs
- Batch Operation APIs
- Data Processing APIs
- Job and Workflow
- Content Moderation APIs
- Cloud Antivirus API
SDK Documentation
- SDK Overview
- Preparations
- Android SDK
- C SDK
- C++ SDK
- .NET(C#) SDK
- Flutter SDK
- Go SDK
- iOS SDK
- Java SDK
- JavaScript SDK
- Node.js SDK
- PHP SDK
- Python SDK
- React Native SDK
- Mini Program SDK
- Harmony SDK
- Endpoint SDK Quality Optimization
- Error Codes
Security and Compliance
- Data Disaster Recovery
- Data Security
- Cloud Access Management
FAQs
- Popular Questions
- General
- Billing
- Domain Name Compliance Issues
- Bucket Configuration
- Domain Names and CDN
- Object Operations
- Logging and Monitoring
- Permission Management
- Data Processing
- Data Security
- Pre-signed URL Issues
- SDKs
- Tools
- APIs
Agreements
Contact Us
Glossary

GET Bucket cors

Download

Mode fokus

Ukuran font

Terakhir diperbarui: 2026-05-19 15:54:16

Feature Description
The GET Bucket cors request is used to query the Cross-Origin Resource Sharing (CORS) access control of a bucket.
﻿
Authorization Description
When you use an authorization policy, set the action to cos:GetBucketCORS. An example is provided below.
{
  "version": "2.0",
  "statement": [
    {
      "action": [
        "name/cos:GetBucketCORS"
      ],
      "effect": "allow",
      "resource": [
        "qcs::cos:ap-beijing:uid/1250000000:examplebucket-1250000000/*"
      ]
    }
  ]
}
For more COS actions, see CAM-supported Business APIs.
Request
Request Example
GET /?cors HTTP/1.1
Host: <BucketName-APPID>.cos.<Region>.myqcloud.com
Date: GMT Date
Authorization: Auth String
Note
Host: <BucketName-APPID>.cos.<Region>.myqcloud.com. Here, <BucketName-APPID> is the bucket name with the APPID suffix, for example, examplebucket-1250000000. For details, see the Bucket Overview > Basic Information and Bucket Overview > Bucket Naming Conventions documents. <Region> is the available region of COS. For details, see the Regions and Access Domains document.
Authorization: Auth String (For details, see Request Signature).
Request Parameter
This API has no request parameters.
Request Header
This API only uses common request headers. For details, see Common Request Headers.
Request Body
This API has no request body.
Response
Response Headers
This API only returns common response headers. For details, see Common Response Headers.
Response Body
Upon a successful query, application/xml data is returned, which contains the complete Cross-Origin Resource Sharing (CORS) configuration information of the bucket.
<?xml version='1.0' encoding='utf-8' ?>
<CORSConfiguration>
    <CORSRule>
        <AllowedOrigin>string</AllowedOrigin>
        <AllowedMethod>enum</AllowedMethod>
        <AllowedMethod>enum</AllowedMethod>
        <AllowedHeader>string</AllowedHeader>
        <AllowedHeader>string</AllowedHeader>
        <ExposeHeader>string</ExposeHeader>
        <ExposeHeader>string</ExposeHeader>
        <MaxAgeSeconds>integer</MaxAgeSeconds>
    </CORSRule>
    <CORSRule>
        <ID>string</ID>
        <AllowedOrigin>string</AllowedOrigin>
        <AllowedOrigin>string</AllowedOrigin>
        <AllowedMethod>enum</AllowedMethod>
        <AllowedMethod>enum</AllowedMethod>
        <AllowedHeader>string</AllowedHeader>
        <ExposeHeader>string</ExposeHeader>
        <ExposeHeader>string</ExposeHeader>
        <MaxAgeSeconds>integer</MaxAgeSeconds>
    </CORSRule>
    <ResponseVary>false</ResponseVary>
</CORSConfiguration>
The detailed node descriptions are as follows:
Node Name (Keyword)
Parent Node
Description
Type
CORSConfiguration
None
Save all information from the GET Bucket cors result.
Container
Content of the CORSConfiguration Container Node:
Node Name (Keyword)
Parent Node
Description
Type
CORSRule
CORSConfiguration
Describes all information of a single Cross-Origin Resource Sharing (CORS) configuration.
Container
ResponseVary
CORSConfiguration
Indicates whether the cross-origin request returns the Vary:Origin header. Supports the Boolean value true|false, where true means it is returned, and false means it is not returned.
Boolean
Content of the CORSRule Container Node:
Node Name (Keyword)
Parent Node
Description
Type
AllowedOrigin
CORSConfiguration.CORSRule
Allowed origins can be * or a wildcard format containing *. Multiple AllowedOrigin entries can be configured in a single CORSRule.
string
AllowedMethod
CORSConfiguration.CORSRule
Allowed HTTP operation methods (Method), which correspond to the Access-Control-Allow-Methods header in the CORS request response. Multiple AllowedMethod entries can be configured in a single CORSRule. Enumerated values: PUT, GET, POST, DELETE, HEAD
enum
AllowedHeader
CORSConfiguration.CORSRule
Custom HTTP request headers that are allowed to be carried when a browser sends a CORS request. These headers are case-insensitive and can be *. Multiple AllowedHeader entries can be configured in a single CORSRule.
string
ExposeHeader
CORSConfiguration.CORSRule
Headers in the CORS request response that are allowed to be obtained by the browser. These headers are case-insensitive. Multiple ExposeHeader entries can be configured in a single CORSRule.
string
MaxAgeSeconds
CORSConfiguration.CORSRule
The validity period of the Cross-Origin Resource Sharing configuration, measured in seconds, corresponds to the Access-Control-Max-Age header in the CORS request response. Only one MaxAgeSeconds can be configured for a single CORSRule.
integer
ID
CORSConfiguration.CORSRule
The ID configured for a single CORSRule. The existence of this node depends on whether an ID was specified when the PUT Bucket cors request is used to set the bucket's Cross-Origin Resource Sharing configuration. A single CORSRule can be configured with at most one ID.
string
Error Codes
This API follows unified error responses and error codes. For details, see Error Codes.
Practical Case
Request
GET /?cors HTTP/1.1
Host: examplebucket-1250000000.cos.ap-beijing.myqcloud.com
Date: Thu, 09 Jul 2020 11:15:12 GMT
Authorization: q-sign-algorithm=sha1&q-ak=************************************&q-sign-time=1594293312;1594300512&q-key-time=1594293312;1594300512&q-header-list=date;host&q-url-param-list=cors&q-signature=****************************************
Connection: close
Response
HTTP/1.1 200 OK
Content-Type: application/xml
Content-Length: 1196
Connection: close
Date: Thu, 09 Jul 2020 11:15:12 GMT
Server: tencent-cos
x-cos-request-id: NWYwNmZjNDBfN2ViMTJhMDlfZDNjOV8xYjdk****
﻿
<?xml version='1.0' encoding='utf-8' ?>
<CORSConfiguration>
    <CORSRule>
        <AllowedOrigin>*</AllowedOrigin>
        <AllowedMethod>GET</AllowedMethod>
        <AllowedMethod>HEAD</AllowedMethod>
        <AllowedHeader>Range</AllowedHeader>
        <AllowedHeader>x-cos-server-side-encryption-customer-algorithm</AllowedHeader>
        <AllowedHeader>x-cos-server-side-encryption-customer-key</AllowedHeader>
        <AllowedHeader>x-cos-server-side-encryption-customer-key-MD5</AllowedHeader>
        <ExposeHeader>Content-Length</ExposeHeader>
        <ExposeHeader>ETag</ExposeHeader>
        <ExposeHeader>x-cos-meta-author</ExposeHeader>
        <MaxAgeSeconds>600</MaxAgeSeconds>
    </CORSRule>
    <CORSRule>
        <ID>example-id</ID>
        <AllowedOrigin>https://example.com</AllowedOrigin>
        <AllowedOrigin>https://example-1.com</AllowedOrigin>
        <AllowedMethod>PUT</AllowedMethod>
        <AllowedMethod>GET</AllowedMethod>
        ...
        <AllowedMethod>HEAD</AllowedMethod>
        <AllowedHeader>*</AllowedHeader>
        <ExposeHeader>Content-Length</ExposeHeader>
        <ExposeHeader>ETag</ExposeHeader>
        <ExposeHeader>x-cos-meta-author</ExposeHeader>
        <MaxAgeSeconds>600</MaxAgeSeconds>
    </CORSRule>
</CORSConfiguration>
﻿

Bantuan dan Dukungan

Apakah halaman ini membantu?

Anda juga dapat Menghubungi Penjualan atau Mengirimkan Tiket untuk meminta bantuan.

masukan

tencent cloud

Cloud Object Storage

GET Bucket cors

Feature Description

Authorization Description

Request

Request Example

Request Parameter

Request Header

Request Body

Response

Response Headers

Response Body

Error Codes

Practical Case

Request

Response

Bantuan dan Dukungan

Node Name (Keyword)	Parent Node	Description	Type
CORSConfiguration	None	Save all information from the GET Bucket cors result.	Container