AI Model Hub for free till June 30, 2025.
Try now
Test nowLog inShare Feedback

CORS

Cross Origin Resource Sharing Configuration

GetBucketCors

get

Returns the cors configuration information set for the bucket. To use this operation, you must have permission to perform the GetBucketCORS operation. By default, the bucket owner has this permission and can grant it to others.

S3 API Compatibility - The x-amz-expected-bucket-owner header isn't supported.

Authorizations
Path parameters
Bucketstring · min: 3 · max: 63Required

The bucket name.

Example: my-bucket
Query parameters
corsboolean · enumRequiredPossible values:
Responses
200
Success
application/xml
get
GET /{Bucket} HTTP/1.1
Host: s3.eu-central-3.ionoscloud.com
Authorization: YOUR_API_KEY
Accept: */*
200

Success

<CORSConfiguration>
    <CORSRule>
        <AllowedOrigin>https://www.domain.com</AllowedOrigin>
        <AllowedMethod>GET</AllowedMethod>
        <AllowedHeader>*</AllowedHeader>
    </CORSRule>
</CORSConfiguration>

PutBucketCors

put

Sets the `CORS` configuration for your bucket. If the configuration exists, it will be overwritten and replaced.

To use this operation, you must be allowed to perform the `PutBucketCORS` operation. By default, the bucket owner has this permission and can grant it to others.

You set this configuration on a bucket so that the bucket can service cross-origin requests. For example, you might want to enable a request whose origin is `http://www.example.com` to access your IONOS Object Storage bucket at `my.example.bucket.com` by using the browser's `XMLHttpRequest` capability.

To enable cross-origin resource sharing (CORS) on a bucket, you add the `cors` subresource to the bucket. The `cors` subresource is an XML document in which you configure rules that identify origins and the HTTP methods that can be executed on your bucket. The document is limited to 64 KB in size.

When IONOS Object Storage receives a cross-origin request (or a pre-flight OPTIONS request) against a bucket, it evaluates the `cors` configuration on the bucket and uses the first `CORSRule` rule that matches the incoming browser request to enable a cross-origin request. For a rule to match, the following conditions must be met:

  • The request's `Origin` header must match `AllowedOrigin` elements.

  • The request method (for example, GET, PUT, HEAD, and so on) or the `Access-Control-Request-Method` header in case of a pre-flight `OPTIONS` request must be one of the `AllowedMethod` elements.

  • Every header specified in the `Access-Control-Request-Headers` request header of a pre-flight request must match an `AllowedHeader` element.

Authorizations
Path parameters
Bucketstring · min: 3 · max: 63Required

The bucket name.

Example: my-bucket
Query parameters
corsboolean · enumRequiredPossible values:
Header parameters
Content-MD5stringOptional

The base64 encoded MD5 digest of the message (without the headers) according to RFC 1864.

Body
Responses
200
Success
put
PUT /{Bucket} HTTP/1.1
Host: s3.eu-central-3.ionoscloud.com
Authorization: YOUR_API_KEY
Content-Type: application/xml
Accept: */*
Content-Length: 227

"<CORSConfiguration>
    <CORSRule>
        <AllowedOrigin>https://www.domain.com</AllowedOrigin>
        <AllowedMethod>GET</AllowedMethod>
        <AllowedHeader>*</AllowedHeader>
    </CORSRule>
</CORSConfiguration>
"
200

Success

No content

DeleteBucketCors

delete

Deletes the CORS configuration information set for the bucket.

To use this operation, you must have permission to perform the PutBucketCORS operation. The bucket owner has this permission by default and can grant this permission to others.

S3 API Compatibility - The x-amz-expected-bucket-owner header isn't supported.

Authorizations
Path parameters
Bucketstring · min: 3 · max: 63Required

The bucket name.

Example: my-bucket
Query parameters
corsboolean · enumRequiredPossible values:
Responses
204
Success
delete
DELETE /{Bucket} HTTP/1.1
Host: s3.eu-central-3.ionoscloud.com
Authorization: YOUR_API_KEY
Accept: */*
204

Success

No content
PreviousObjectsNextEncryption

Was this helpful?