您可以通过 SDK 接口设置跨域访问 CORS(Cross-Origin Resource Sharing)规则,当 TOS 收到跨域请求或 OPTIONS 请求时,会读取存储桶对应的 CORS 规则,进行相应的权限检查并返回相应的 Header,保证跨域传输数据的安全性。本文介绍如何配置桶的跨区域资源共享。
注意
为存储桶设置跨域资源共享规则前,您必须具有 tos:PutBucketCORS 权限,具体操作,请参见权限配置指南。
以下代码用于设置桶的跨域资源共享规则。
package main import ( "context" "fmt" "net/http" "github.com/volcengine/ve-tos-golang-sdk/v2/tos" ) func checkErr(err error) { if err != nil { if serverErr, ok := err.(*tos.TosServerError); ok { fmt.Println("Error:", serverErr.Error()) fmt.Println("Request ID:", serverErr.RequestID) fmt.Println("Response Status Code:", serverErr.StatusCode) fmt.Println("Response Header:", serverErr.Header) fmt.Println("Response Err Code:", serverErr.Code) fmt.Println("Response Err Msg:", serverErr.Message) } else if clientErr, ok := err.(*tos.TosClientError); ok { fmt.Println("Error:", clientErr.Error()) fmt.Println("Client Cause Err:", clientErr.Cause.Error()) } else { fmt.Println("Error:", err) } panic(err) } } func main() { var ( accessKey = os.Getenv("TOS_ACCESS_KEY") secretKey = os.Getenv("TOS_SECRET_KEY") // Bucket 对应的 Endpoint,以华北2(北京)为例:https://tos-cn-beijing.volces.com endpoint = "https://tos-cn-beijing.volces.com" region = "cn-beijing" // 填写 BucketName bucketName = "*** Provide your bucket name ***" ctx = context.Background() ) // 初始化客户端 client, err := tos.NewClientV2(endpoint, tos.WithRegion(region), tos.WithCredentials(tos.NewStaticCredentials(accessKey, secretKey))) checkErr(err) corsRule1 := tos.CorsRule{ // 设置允许访问的来源,* 表示允许所有请求 AllowedOrigin: []string{"*"}, // 设置允许的方法,例如:GET、PUT、HEAD、POST、DELETE AllowedMethod: []string{http.MethodGet, http.MethodPut}, // 设置请求可以使用哪些自定义的 HTTP 请求头部 AllowedHeader: []string{"header1", "header2"}, // 设置浏览器可以接收到的来自服务器端的自定义头部信息 ExposeHeader: []string{"tos-1", "tos-2"}, // 设置 OPTIONS 请求得到结果的有效期 MaxAgeSeconds: 100, } corsRule2 := tos.CorsRule{ AllowedOrigin: []string{"http://example.com", "http://www.volcengine.com"}, AllowedMethod: []string{http.MethodGet, http.MethodPut}, AllowedHeader: []string{"header1", "header2"}, ExposeHeader: []string{"tos-1", "tos-2"}, MaxAgeSeconds: 100, } // 设置跨域访问规则 putOutput, err := client.PutBucketCORS(ctx, &tos.PutBucketCORSInput{ Bucket: bucketName, CORSRules: []tos.CorsRule{corsRule1, corsRule2}, }) checkErr(err) fmt.Println("PutBucketCORS Request ID:", putOutput.RequestID) }
注意
设置存储桶设置跨域资源共享规则前,您必须具有 tos:GetBucketCORS 权限,具体操作,请参见权限配置指南。
以下代码用于获取桶的跨域资源共享规则。
package main import ( "context" "fmt" "github.com/volcengine/ve-tos-golang-sdk/v2/tos" ) func checkErr(err error) { if err != nil { if serverErr, ok := err.(*tos.TosServerError); ok { fmt.Println("Error:", serverErr.Error()) fmt.Println("Request ID:", serverErr.RequestID) fmt.Println("Response Status Code:", serverErr.StatusCode) fmt.Println("Response Header:", serverErr.Header) fmt.Println("Response Err Code:", serverErr.Code) fmt.Println("Response Err Msg:", serverErr.Message) } else if clientErr, ok := err.(*tos.TosClientError); ok { fmt.Println("Error:", clientErr.Error()) fmt.Println("Client Cause Err:", clientErr.Cause.Error()) } else { fmt.Println("Error:", err) } panic(err) } } func main() { var ( accessKey = os.Getenv("TOS_ACCESS_KEY") secretKey = os.Getenv("TOS_SECRET_KEY") // Bucket 对应的 Endpoint,以华北2(北京)为例:https://tos-cn-beijing.volces.com endpoint = "https://tos-cn-beijing.volces.com" region = "cn-beijing" // 填写 BucketName bucketName = "*** Provide your bucket name ***" ctx = context.Background() ) // 初始化客户端 client, err := tos.NewClientV2(endpoint, tos.WithRegion(region), tos.WithCredentials(tos.NewStaticCredentials(accessKey, secretKey))) checkErr(err) // 查询跨域访问规则 getOutput, err := client.GetBucketCORS(ctx, &tos.GetBucketCORSInput{Bucket: bucketName}) checkErr(err) fmt.Println("GetBucketCORS Request ID:", getOutput.RequestID) fmt.Println("CORS Length:", len(getOutput.CORSRules)) // 查看跨域访问规则详细信息 for _, corsRule := range getOutput.CORSRules { fmt.Println("cors Rule AllowedOrigin:", corsRule.AllowedOrigin) fmt.Println("cors Rule AllowedHeader:", corsRule.AllowedHeader) fmt.Println("cors Rule ExposeHeader:", corsRule.ExposeHeader) fmt.Println("cors Rule AllowedMethod:", corsRule.AllowedMethod) fmt.Println("cors Rule MaxAgeSeconds:", corsRule.MaxAgeSeconds) } }
注意
删除桶的跨域资源共享规则前,您必须具有 tos:PutBucketCORS 权限,具体操作,请参见权限配置指南。
以下代码用于删除桶的跨域资源共享规则:
package main import ( "context" "fmt" "github.com/volcengine/ve-tos-golang-sdk/v2/tos" ) func checkErr(err error) { if err != nil { if serverErr, ok := err.(*tos.TosServerError); ok { fmt.Println("Error:", serverErr.Error()) fmt.Println("Request ID:", serverErr.RequestID) fmt.Println("Response Status Code:", serverErr.StatusCode) fmt.Println("Response Header:", serverErr.Header) fmt.Println("Response Err Code:", serverErr.Code) fmt.Println("Response Err Msg:", serverErr.Message) } else if clientErr, ok := err.(*tos.TosClientError); ok { fmt.Println("Error:", clientErr.Error()) fmt.Println("Client Cause Err:", clientErr.Cause.Error()) } else { fmt.Println("Error:", err) } panic(err) } } func main() { var ( accessKey = os.Getenv("TOS_ACCESS_KEY") secretKey = os.Getenv("TOS_SECRET_KEY") // Bucket 对应的 Endpoint,以华北2(北京)为例:https://tos-cn-beijing.volces.com endpoint = "https://tos-cn-beijing.volces.com" region = "cn-beijing" // 填写 BucketName bucketName = "*** Provide your bucket name ***" ctx = context.Background() ) // 初始化客户端 client, err := tos.NewClientV2(endpoint, tos.WithRegion(region), tos.WithCredentials(tos.NewStaticCredentials(accessKey, secretKey))) checkErr(err) // 删除跨域访问规则 deleteOut, err := client.DeleteBucketCORS(ctx, &tos.DeleteBucketCORSInput{Bucket: bucketName}) checkErr(err) fmt.Println("DeleteBucketCORS Request ID:", deleteOut.RequestID) }
关于跨域资源共享的更多信息,请参见跨域访问设置。