To list a bucket's CORS configuration, you make a GET request that is
scoped to a bucket and you use the cors
query string parameter.
The CORS configuration is returned in an XML document in the response body.
For more information about CORS configuration, see Configuring Cross-Origin Resource Sharing (CORS).
Query string parameters
Parameter | Description | Required |
---|---|---|
cors |
You can use this to display the CORS configuration of an existing bucket. | No |
Request headers
Request body elements
This request does not include an XML document in the request body.
Request syntax
The following syntax applies to GET Bucket requests that use the
cors
query string parameter.
GET /?cors HTTP/1.1 Host: <bucket>.storage.googleapis.com Date: <date> Content-Length: <request body length> Authorization: <authentication string>
Response headers
The request can return a variety of response headers depending on the request headers you use.
Response body elements
The following response body elements are applicable only if you use the
cors
query string parameter to get the bucket's CORS configuration.
Element | Description |
---|---|
CorsConfig |
Container for one or more Cors configuration containers. If you specify multiple Cors configurations, be aware that the Cors configurations will be evaluated in the order listed within the CorsConfig container, with the first Cors configuration matching the Origin and Method of the request used to determine any CORS response headers to add to the response. | Cors |
Container for a CORS configuration to be applied to the bucket. You can specify multiple Origins and multiple Methods in each Cors container. There will be a match if the request Origin matches any of the Origins in the Cors container and the request Method matches any of the Methods in the Cors container. |
Origins |
Container for the origins permitted for cross origin resource sharing with this Cloud Storage. |
Origin |
An Origin permitted for cross origin resource sharing with this Cloud Storage bucket. For example, http://origin1.example.com . |
Methods |
Container for one or more HTTP Method elements, specifying the methods supported by this CORS configuration. |
Method |
An HTTP method supported in this configuration. Valid values are GET, HEAD, PUT, POST, and DELETE. |
ResponseHeaders |
Optional container for one or more ResponseHeader elements. |
ResponseHeader |
Specifies a response header that the user agent is permitted to share across origins. |
MaxAgeSec |
A value indicating the number of seconds that the user agent is permitted to cache the response. This element is optional; if omitted, the service uses a default value. If specified more than once, the last element is silently accepted. The value is returned in the Access-Control-Max-Age header in responses to preflight requests. |