• Object Storage Service

obs
  1. Help Center
  2. Object Storage Service
  3. API Reference (OBS)
  4. Operations on Buckets
  5. OPTIONS Bucket
  6. Responses

Responses

Syntax

HTTP/1.1 status_code 
 x-amz-request-id: request id 
 x-amz-id-2: id  
 Access-Control-Allow-Origin: origin 
 Access-Control-Allow-Methods: method 
 Access-Control-Allow-Header: header 
 Access-Control-Max-Age: seconds 
 Access-Control-Expose-Headers: header 
 Date: date 
 Content-Length: length

Response Headers

Table 1 lists the response headers.

Table 1 CORS response headers

Header

Description

Access-Control-Allow-Origin

If the origin of a request meets server CORS configuration requirements, the response contains the origin.

Type: String

Access-Control-Allow-Headers

If the headers of a request meet server CORS configuration requirements, the response contains the headers.

Type: String

Access-Control-Max-Age

Indicates MaxAgeSeconds in the CORS configuration of a server.

Type: Integer

Access-Control-Allow-Methods

If the Access-Control-Request-Method of a request meets server CORS configuration requirements, the response contains the methods in the rule.

Type: String

Valid values: GETPUTHEADPOST, and DELETE

Access-Control-Expose-Headers

Indicates ExposeHeader in the CORS configuration of a server.

Type: String

Response Elements

This response involves no elements.

Error Responses

For details about other errors, see Table 1. In addition, this response also may contain special errors, as described in Table 2.

Table 2 Special errors

Error Code

Description

HTTP Status Code

Bad Request

Invalid Access-Control-Request-Method: null

When CORS and OPTIONS are configured for a bucket, no method header is added.

400 Bad Request

Bad Request

Insufficient information. Origin request header needed.

When CORS and OPTIONS are configured for a bucket, no origin header is added.

400 Bad Request

AccessForbidden

CORSResponse: This CORS request is not allowed. This is usually because the evaluation of Origin, request method / Access-Control-Request-Method or Access-Control-Request-Headers are not whitelisted by the resource's CORS spec.

When CORS and OPTIONS are configured for a bucket, origin, method, and headers do not match any rule.

403 Forbidden