vpruthi/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
doc-exports/docs/obs/s3api/en-us_topic_0125560464.html
Jawei, Li 1a4c1a720a OBS s3api 2.0.38.SP5 
Reviewed-by: Hasko, Vladimir <vladimir.hasko@t-systems.com>
Co-authored-by: Jawei, Li <lijiawei5@huawei.com>
Co-committed-by: Jawei, Li <lijiawei5@huawei.com>
2022-11-16 14:51:13 +00:00

16 KiB
Raw Permalink Blame History

OPTIONS Bucket

OPTIONS refers to pre-requests that are sent to servers by clients. Generally, you can use these requests to check whether clients have permission to perform operations on servers. Only after a pre-request is returned successfully, clients start to execute the follow-up requests.

OBS allows buckets to store static web resources. The buckets of OBS can serve as website resources if the buckets are properly used. In this scenario, buckets in OBS serve as servers to process OPTIONS pre-requests from clients.

OBS can process OPTIONS pre-requests only after CORS is configured for buckets in OBS. For details about CORS, see section PUT Bucket CORS.

Request Syntax

OPTIONS / HTTP/1.1
 User-Agent: agent 
 Host: bucketname.obs.example.com 
 Accept: */*
 Date: date 
 Authorization: authorization 
 Origin: origin 
 Access-Control-Request-Method: method

Request Parameters

This request involves no parameters.

Request Headers

Table 1 lists the request headers.

Table 1 OPTIONS request headers

Header

Description

Remarks

Origin

Indicates an origin specified by a pre-request. Generally, it is a domain name.

Type: String

Mandatory

Access-Control-Request-Method

Indicates an HTTP method that can be used by a request. The request can use multiple method headers.

Type: String

Valid values: GET, PUT, HEAD, POST, and DELETE

Mandatory

Access-Control-Request-Headers

Indicates the HTTP headers of a request. The request can use multiple HTTP headers.

Type: String

Optional

x-amz-security-token

Header field used to identify the request of a federated user. When the federal authentication function is enabled, users sending such requests are identified as federated users.

Type: string

Optional. This parameter must be carried in the request sent by federated users.

Request Elements

This request involves no elements.

Response Syntax

HTTP/1.1 status_code 
 x-amz-request-id: request id 
 x-amz-id-2: id  
 Access-Control-Allow-Origin: origin 
 Access-Control-Allow-Methods: method 
 Access-Control-Allow-Header: header 
 Access-Control-Max-Age: seconds 
 Access-Control-Expose-Headers: header 
 Date: date 
 Content-Length: length

Response Headers

Table 2 lists the response headers.

Table 2 CORS response headers

Header

Description

Access-Control-Allow-Origin

If the origin of a request meets server CORS configuration requirements, the response contains the origin.

Type: String

Access-Control-Allow-Headers

If the headers of a request meet server CORS configuration requirements, the response contains the headers.

Type: String

Access-Control-Max-Age

Indicates MaxAgeSeconds in the CORS configuration of a server.

Type: Integer

Access-Control-Allow-Methods

If the Access-Control-Request-Method of a request meets server CORS configuration requirements, the response contains the methods in the rule.

Type: String

Valid values: GET, PUT, HEAD, POST, and DELETE

Access-Control-Expose-Headers

Indicates ExposeHeader in the CORS configuration of a server.

Type: String

Response Elements

This response involves no elements.

Error Responses

For details about other errors, see Table 1. In addition, this response also may contain special errors, as described in Table 3.

Table 3 Special errors

Error Code

Description

HTTP Status Code

Bad Request

Invalid Access-Control-Request-Method: null

When CORS and OPTIONS are configured for a bucket, no method header is added.

400 Bad Request

Bad Request

Insufficient information. Origin request header needed.

When CORS and OPTIONS are configured for a bucket, no origin header is added.

400 Bad Request

AccessForbidden

CORSResponse: This CORS request is not allowed. This is usually because the evaluation of Origin, request method / Access-Control-Request-Method or Access-Control-Request-Headers are not whitelisted by the resource's CORS spec.

When CORS and OPTIONS are configured for a bucket, origin, method, and headers do not match any rule.

403 Forbidden

Sample Request

OPTIONS / HTTP/1.1 
 User-Agent: curl/7.19.0 (x86_64-suse-linux-gnu) libcurl/7.19.0 OpenSSL/0.9.8{ zlib/1.2.3 libidn/1.10 
 Host: bucketname.obs.example.com
 Accept: */* 
 Date: Tue, 28 Apr 2015 12:43:15 +0000 
 Authorization: AWS D13E0C94E722DD69423C:02VOjl2Z5B7mUd+G6zr0Dql5CW8= 
 Origin:www.example.com 
 Access-Control-Request-Method:HEAD 
 Access-Control-Request-Headers:acc_header_1 
 Access-Control-Request-Headers:acc_header_2

Sample Response

HTTP/1.1 200 OK 
 x-amz-request-id: 0350FC4D73DDA0D3A6FC2CBE01A7943A 
 x-amz-id-2: ANHl/5gbYTwbfQat5+QZpWdnuE5DV83RXCyGZgBrbDVzVtdtGkqb9ZOepAX3Yr/z 
 x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc  
 Access-Control-Allow-Origin: www.example.com 
 Access-Control-Allow-Methods: POST,GET,HEAD,PUT 
 Access-Control-Allow-Headers: acc_header_1,acc_header_2 
 Access-Control-Max-Age: 100 
 Access-Control-Expose-Headers: exp_header_1 
 Date: Tue, 28 Apr 2015 12:45:34 GMT 
 Content-Length: 0
Parent topic: Operations on Buckets