GetBucketCors
Returns the Cross-Origin Resource Sharing (CORS) configuration information set for the bucket.
To use this operation, you must have permission to perform the
s3:GetBucketCORS
action. By default, the bucket owner has this permission
and can grant it to others.
For more information about CORS, see Enabling Cross-Origin Resource Sharing.
The following operations are related to GetBucketCors
:
Request Syntax
GET /?cors HTTP/1.1
Host: Bucket
.s3.amazonaws.com
x-amz-expected-bucket-owner: ExpectedBucketOwner
URI Request Parameters
The request uses the following URI parameters.
- Bucket
-
The bucket name for which to get the cors configuration.
Required: Yes
- x-amz-expected-bucket-owner
-
The account ID of the expected bucket owner. If the bucket is owned by a different account, the request fails with the HTTP status code
403 Forbidden
(access denied).
Request Body
The request does not have a request body.
Response Syntax
HTTP/1.1 200
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration>
<CORSRule>
<AllowedHeader>string</AllowedHeader>
...
<AllowedMethod>string</AllowedMethod>
...
<AllowedOrigin>string</AllowedOrigin>
...
<ExposeHeader>string</ExposeHeader>
...
<ID>string</ID>
<MaxAgeSeconds>integer</MaxAgeSeconds>
</CORSRule>
...
</CORSConfiguration>
Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
- CORSConfiguration
-
Root level tag for the CORSConfiguration parameters.
Required: Yes
- CORSRule
-
A set of origins and methods (cross-origin access that you want to allow). You can add up to 100 rules to the configuration.
Type: Array of CORSRule data types
Examples
Configure CORS Sample Request
The following PUT request adds the cors
subresource to a bucket
(examplebucket)
.
PUT /?cors HTTP/1.1 Host: examplebucket.s3.<Region>.amazonaws.com x-amz-date: Tue, 21 Aug 2012 17:54:50 GMT Content-MD5: 8dYiLewFWZyGgV2Q5FNI4W== Authorization: authorization string Content-Length: 216 <CORSConfiguration> <CORSRule> <AllowedOrigin>http://www.example.com</AllowedOrigin> <AllowedMethod>PUT</AllowedMethod> <AllowedMethod>POST</AllowedMethod> <AllowedMethod>DELETE</AllowedMethod> <AllowedHeader>*</AllowedHeader> <MaxAgeSeconds>3000</MaxAgeSec> <ExposeHeader>x-amz-server-side-encryption</ExposeHeader> </CORSRule> <CORSRule> <AllowedOrigin>*</AllowedOrigin> <AllowedMethod>GET</AllowedMethod> <AllowedHeader>*</AllowedHeader> <MaxAgeSeconds>3000</MaxAgeSeconds> </CORSRule> </CORSConfiguration>
Example
This is the sample response to the preceding request.
HTTP/1.1 200 OK x-amz-id-2: CCshOvbOPfxzhwOADyC4qHj/Ck3F9Q0viXKw3rivZ+GcBoZSOOahvEJfPisZB7B x-amz-request-id: BDC4B83DF5096BBE Date: Tue, 21 Aug 2012 17:54:50 GMT Server: AmazonS3
Sample Request: Retrieve cors subresource
The following example gets the cors subresource of a bucket.
GET /?cors HTTP/1.1 Host: examplebucket.s3.<Region>.amazonaws.com Date: Tue, 13 Dec 2011 19:14:42 GMT Authorization: signatureValue
Example
Sample Response
HTTP/1.1 200 OK x-amz-id-2: 0FmFIWsh/PpBuzZ0JFRC55ZGVmQW4SHJ7xVDqKwhEdJmf3q63RtrvH8ZuxW1Bol5 x-amz-request-id: 0CF038E9BCF63097 Date: Tue, 13 Dec 2011 19:14:42 GMT Server: AmazonS3 Content-Length: 280 <CORSConfiguration> <CORSRule> <AllowedOrigin>http://www.example.com</AllowedOrigin> <AllowedMethod>GET</AllowedMethod> <MaxAgeSeconds>3000</MaxAgeSec> <ExposeHeader>x-amz-server-side-encryption</ExposeHeader> </CORSRule> </CORSConfiguration>
See Also
For more information about using this API in one of the language-specific Amazon SDKs, see the following: