[jira] [Updated] (HDDS-14386) Support bucket CORS configuration

Thu, 08 Jan 2026 18:40:07 -0800 


     [ 
https://issues.apache.org/jira/browse/HDDS-14386?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Ivan Andika updated HDDS-14386:
-------------------------------
    Summary: Support bucket CORS configuration  (was: Document the recommended 
S3G CORS configuration)

> Support bucket CORS configuration
> ---------------------------------
>
>                 Key: HDDS-14386
>                 URL: https://issues.apache.org/jira/browse/HDDS-14386
>             Project: Apache Ozone
>          Issue Type: Sub-task
>            Reporter: Ivan Andika
>            Assignee: Ivan Andika
>            Priority: Major
>
> Currently, Ozone does not support per-bucket CORS configuration (it depends 
> on the reverse proxy).
> We can implement per-bucket CORS configuration 
> ([https://docs.aws.amazon.com/AmazonS3/latest/userguide/cors.html)] .
> The create flow looks something like 
>  * User uses the S3 API to create the CORS configuration 
> ([https://docs.aws.amazon.com/AmazonS3/latest/userguide/enabling-cors-examples.html)]
>  * S3G parse the request and send the request to OM
>  * OM will update the OmBucketInfo with the CORS policy
> Since S3G will call getBucket, we can return the CORS policy as part of 
> OzoneBucket and use that to create the CORS response.
> For reference, NGINX CORS configuration can look like this to allow S3G to be 
> compatible with CORS.
> {code:java}
> if ($http_origin ~ '^http[s]*://(.*)') {
>     set $cors 'cors';
>     add_header 'Access-Control-Allow-Origin' $http_origin always;
>     add_header 'Access-Control-Allow-Credentials' 'true' always;
>     add_header 'Access-Control-Allow-Methods' 'PUT, GET, POST, HEAD, DELETE, 
> PATCH, OPTIONS' always;
>     add_header 'Access-Control-Allow-Headers' 
> $http_access_control_request_headers always;
>     add_header 'Access-Control-Expose-Headers' 'ETag' always;
> }
> if ($request_method = 'OPTIONS') {
>     set $cors '${cors}_options';
> }
> if ($cors = 'cors_options') {
>     add_header 'Access-Control-Allow-Origin' $http_origin always;
>     add_header 'Access-Control-Allow-Credentials' 'true' always;
>     add_header 'Access-Control-Allow-Methods' 'PUT, GET, POST, HEAD, DELETE, 
> PATCH, OPTIONS' always;
>     add_header 'Access-Control-Allow-Headers' 
> $http_access_control_request_headers always;
>     add_header 'Access-Control-Expose-Headers' 'ETag' always;
>     return 204;
> } {code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to