• Object Storage Service

obs
  1. Help Center
  2. Object Storage Service
  3. API Reference (OBS)
  4. Operations on Objects
  5. OPTIONS Object
  6. Responses

Responses

Syntax

HTTP/1.1 status_code 
 Server: server
 x-amz-request-id: request id 
 x-amz-id-2: id 
 Content-Type: type 
 Access-Control-Allow-Origin: origin 
 Access-Control-Allow-Methods: method 
 Access-Control-Allow-Header: header 
 Access-Control-Max-Age: seconds 
 Access-Control-Expose-Headers: header 
 Date: date 
 Content-Length: length

Response Headers

Table 1 lists the request headers.

Table 1 CORS request headers

Header

Description

Access-Control-Allow-Origin

If the origin of a request meets server CORS configuration requirements, the response contains the origin.

Type: String

Access-Control-Allow-Headers

If the headers of a request meet server CORS configuration requirements, the response contains the headers.

Type: String

Access-Control-Max-Age

Indicates MaxAgeSeconds in the CORS configuration of a server.

Type: Integer

Access-Control-Allow-Methods

If the Access-Control-Request-Method of a request meets server CORS configuration requirements, the response contains the methods in the rule.

Type: String

Valid values: GETPUTHEADPOST, and DELETE

Access-Control-Expose-Headers

Indicates ExposeHeader in the CORS configuration of a server.

Type: String

Response Elements

This response involves no elements.

Error Responses

Table 2 describes possible special errors in the request.

Table 2 Special errors

Error Code

Description

HTTP Status Code

Bad Request

Invalid Access-Control-Request-Method: null

When CORS and OPTIONS are configured for a bucket, no method header is added.

400 Bad Request

Bad Request

Insufficient information. Origin request header needed.

When CORS and OPTIONS are configured for a bucket, no origin header is added.

400 Bad Request

AccessForbidden

CORSResponse: This CORS request is not allowed. This is usually because the evaluation of Origin, request method / Access-Control-Request-Method or Access-Control-Request-Headers are not whitelisted by the resource's CORS spec.

When CORS and OPTIONS are configured for a bucket, origin, method, and headers do not match any rule.

403 Forbidden

For details about other errors, see Table 1.