S3 Bucket Cors Operations:Get Bucket CORS

Search (SHIFT+S)

New in this release

Get Bucket CORS

GET /?cors

Retrieves The CORS configuration for the bucket.

URL Format

Host Style: http://bucketname.ns1.emc.com/?cors
Path Style: http://ns1.emc.com/bucketname?cors

Request Headers

x-amz-date optionalThe timestamp of the request added by the requester. Example: Tue, 03 Sept 2013 12:00:00 GMT. If the Authorization header is specified, you must specify either the x-amz-date or the Date header. If both the headers are specified, the value of x-amz-date header is chosen.
Authorization requiredInformation needed to authenticate requests.


The following conditions must be met in order to call this operation.

  • Only the owner of the bucket or a user having permission can retrieve the CORS configuration for the bucket.

  • BaseUrl used in a host-style request URL should be pre-configured using the ECS Management API or the ECS Portal (for example, emc.com in the URL: bucketname.ns1.emc.com).

  • Namespace corresponding to this bucket should exist (for example, ns1).

Response Body

Field Description Type Notes
<CORSRule>     0-* Elements
<AllowedMethod> An HTTP method that the origin is allowed to use. Each CORS rule consists of at least one origin and one method String 0-* Elements
Valid Values:
<AllowedOrigin> An Origin, from where cross-domain requests are allowed String 0-* Elements
Valid Values:
  •  Can contain at most one '*' wild character. For example "http://*.emc.com". A value of only "*" can also be specified to allow all origins to send cross-domain requests
<AllowedHeader> Specifies the allowed headers in a pre-flight OPTIONS request via the Access-Control-Request-Headers header. Each header specified in Access-Control-Request-Headers must match an AllowedHeader element String 0-* Elements
Valid Values:
  •  Can contain at most one '*' wild character
<MaxAgeSeconds> The amount of time in seconds that a browser can cache a pre-flight response for a specific resource. A rule can contain at most one MaxAgeSeconds element String Valid Values:
  •  Integer value in seconds
<ExposeHeader> A header in the response that a customer can access from their application String 0-* Elements
<ID> The rule's unique identifier String Valid Values:
  •  value is less than or equal to 255 characters