Cross-Origin Access

Cross-Origin Access (CORS) refers to the operation where a user requests resources from another domain from a web page of one domain. Usually, browsers restrict such cross-origin access for security reasons. To solve this problem, US3 provides a cross-origin access policy management function, allowing you to restrict cross-origin access permissions.

When US3 receives a cross-origin request, it will read the list of cross-origin access policies configured for the storage space, match each policy one by one according to the Origin, and the first policy that meets the conditions will be added to the CORS-related Header and returned to the user.

Setting Cross-Origin Access Policies

Select the corresponding space and click the Cross-Origin Settings button in the right-side operations.

Click the Create Policy button to open the create cross-origin access policy interface.

1. Origin: You can enter the origins allowed for cross-origin requests. Multiple origins can be set, one per line, with a maximum of one wildcard (*) per line.

2. Allow Methods: You can select the allowed cross-origin request methods.

3. Allow-Headers: You can enter the allowed cross-origin request headers. Multiple headers can be set, one per line, with a maximum of one wildcard (*) per line.

4. Expose-Headers: You can enter the response headers allowed to be accessed from the application. Multiple headers can be set, one per line, and wildcards (*) are not allowed.

Cross-origin access policies take effect by default after being added. You can perform operations such as editing and deleting via other buttons in the operation bar.

Notes

1. Each storage space can be configured with a maximum of 10 cross-origin access policies.