Get bucket CORS

To list a bucket's CORS configuration, you make a GET request that is scoped to a bucket and you use the cors query string parameter. The CORS configuration is returned in an XML document in the response body.

For more information about CORS configuration, see Configuring Cross-Origin Resource Sharing (CORS).

Query string parameters

Parameter Description Required
cors You can use this to display the CORS configuration of an existing bucket. No

See signed URL query string parameters for information on the parameters you include when creating and using signed URLs.

Request headers

See common request headers.

Request body elements

This request does not include an XML document in the request body.

Request syntax

The following syntax applies to GET Bucket requests that use the cors query string parameter.

GET /?cors HTTP/1.1
Date: DATE
Content-Length: 0

Response headers

The request can return a variety of response headers depending on the request headers you use.

Response body elements

The following response body elements are applicable only if you use the cors query string parameter to get the bucket's CORS configuration.

Element Description
CorsConfig Container for one or more Cors configuration containers. If you specify multiple Cors configurations, be aware that the Cors configurations will be evaluated in the order listed within the CorsConfig container, with the first Cors configuration matching the Origin and Method of the request used to determine any CORS response headers to add to the response.
Cors Container for a CORS configuration to be applied to the bucket. You can specify multiple Origins and multiple Methods in each Cors container. There will be a match if the request Origin matches any of the Origins in the Cors container and the request Method matches any of the Methods in the Cors container.
Origins Container for the origins permitted for cross origin resource sharing with this Cloud Storage.
Origin An Origin permitted for cross origin resource sharing with this Cloud Storage bucket. For example,
Methods Container for one or more HTTP Method elements, specifying the methods supported by this CORS configuration.
Method An HTTP method used in this configuration. Valid values are DELETE, GET, HEAD, POST, and PUT. OPTIONS is interpreted as a preflight request, so you don't need to specify this method in your CORS configuration.
ResponseHeaders Optional container for one or more ResponseHeader elements.
ResponseHeader Specifies a response header that the user agent is permitted to share across origins.
MaxAgeSec A value indicating the number of seconds that the user agent is permitted to cache the response. This element is optional; if omitted, the service uses a default value. If specified more than once, the last element is silently accepted. The value is returned in the Access-Control-Max-Age header in responses to preflight requests.