Cross-Domain Access
Cross-Origin Resource Sharing (CORS) refers to the operation where a user requests resources from another domain name via a web page of a certain domain name. Usually, browsers limit such cross-domain access for security reasons. To solve this problem, US3 provides cross-domain access policy management features to conveniently limit the permissions of cross-domain access.
When US3 receives a cross-domain request, it will read the cross-domain access policy list that has been configured for the storage space and match each policy one by one according to the source (Origin). The information of the first policy that matches the conditions will be added to the CORS-related Header and returned to the user.
Setting Cross-Domain Access Policy
Select the corresponding space, and choose the Cross-Domain Settings button in the right-hand side operation.
Click the Create Policy button, and a new cross-domain access policy interface will pop up.
-
Origin: Users can fill in the source that allows cross-domain requests. Multiple can be set, one per line, and at most one wildcard (*) per line.
-
Allow-Methods: Users can select the methods allowed for cross-domain requests.
-
Allow-Headers: Users can fill in the headers allowed for cross-domain requests. Multiple can be set, one per line, and at most one wildcard (*) per line.
-
Expose-Headers: Users can fill in the response headers that can be accessed from the application. Multiple can be set, one per line, but wildcards (*) are not allowed.
After the cross-domain access policy is added, it will take effect by default. You can use the other buttons under the operation bar to perform corresponding editing and deleting operations.
Notes
- A maximum of 10 cross-domain access policies can be configured for each storage space.