• Object Storage Service

  1. Help Center
  2. Object Storage Service
  3. Developer Guide (PHP SDK)
  4. CORS
  5. Setting CORS Rules

Setting CORS Rules

You can call ObsClient->setBucketCors to set CORS rules for a bucket. If the bucket is configured with CORS rules, the newly set ones will overwrite the existing ones. Sample code is as follows:

// Import the third-party open source libraries.
require 'vendor/autoload.php';
// Import the SDK code library.
require 'obs-autoloader.php';
// Declare the namespace.
use Obs\S3\ObsClient;
// Create an instance of ObsClient.
$obsClient = new ObsClient ( [ 
       'key' => '*** Provide your Access Key ***',
       'secret' => '*** Provide your Secret Key ***',
       'endpoint' => 'https://yourdomainname'
] );

$resp = $obsClient->setBucketCors ( [ 
       'Bucket' => 'bucketname',
       'CorsRule' => [ 
                           'ID' => 'rule1',
                           //Specify the request method, which can be GET, PUT, DELETE, POST, or HEAD.
                           'AllowedMethod' => [ 'GET','HEAD','PUT'],
                           //Specify the origin of the cross-domain request.
                           'AllowedOrigin' => ['http://www.a.com', 'http://www.b.com'],
                           // Specify whether headers specified in Access-Control-Request-Headers in the OPTIONS request can be used. 
                           'AllowedHeader' => [ 'x-obs-header'],
                           // Specify response headers that users can access using application programs.
                           'ExposeHeader' => ['x-obs-expose-header'],
                           // Specify the browser's cache time of the returned results of OPTIONS requests for specific resources, in seconds.
                           'MaxAgeSeconds' => 60 
] );
printf ( "RequestId:%s\n", $resp ['RequestId'] );
  • Use the CorsRule parameter to set CORS rules of a bucket.
  • Both AllowedOrigin and AllowedHeader can contain up to one wildcard character (*). The wildcard character (*) indicates that all origins or headers are allowed.