跨域资源共享

跨域资源共享(CORS)允许web端的应用程序访问不属于本域的资源。MSS提供接口方便开发者控制跨域访问的权限。

设定CORS规则

通过setBucketCors 方法将指定的存储空间上设定一个跨域资源共享CORS的规则,如果原规则存在则覆盖原规则。具体的规则主要通过CORSRule类来进行参数设置。代码如下:

public void setBucketCorsExample(String bucketName){
    try{
        // setBucketCrossOriginConfiguration(String bucketName, BucketCrossOriginConfiguration bucketCrossOriginConfiguration)
        BucketCrossOriginConfiguration coreConfig = new BucketCrossOriginConfiguration();
        List<CORSRule> corsRules = new ArrayList<CORSRule>();
        //rule 设置cors策略
        CORSRule corRule = new CORSRule();
        ArrayList<String> allowedOrigin = new ArrayList<String>();
        //指定允许跨域请求的来源
        allowedOrigin.add( "http://www.b.com");
        List<AllowedMethods> allowedMethod = new ArrayList<AllowedMethods>();
        //指定允许的跨域请求方法(GET/PUT/DELETE/POST/HEAD)
        allowedMethod.add(AllowedMethods.GET);
        ArrayList<String> allowedHeader = new ArrayList<String>();
        //控制在OPTIONS预取指令中Access-Control-Request-Headers头中指定的header是否允许。
        allowedHeader.add("x-mss-test");
        ArrayList<String> exposedHeader = new ArrayList<String>();
        //指定允许用户从应用程序中访问的响应头
        exposedHeader.add("x-mss-test1");
        corRule.setAllowedMethods(allowedMethod);
        corRule.setAllowedOrigins(allowedOrigin);
        corRule.setAllowedHeaders(allowedHeader);
        corRule.setExposedHeaders(exposedHeader);
        //指定浏览器对特定资源的预取(OPTIONS)请求返回结果的缓存时间,单位为秒。
        corRule.setMaxAgeSeconds(10);

        corsRules.add(corRule);
        coreConfig.setRules(corsRules);
        s3client.setBucketCrossOriginConfiguration(bucketName,coreConfig);


    }catch (AmazonServiceException ase) {
        //存储服务端处理异常
        System.out.println("Caught an ServiceException.");
        System.out.println("Error Message:    " + ase.getMessage());
        System.out.println("HTTP Status Code: " + ase.getStatusCode());
        System.out.println("Error Code:   " + ase.getErrorCode());
        System.out.println("Error Type:       " + ase.getErrorType());
        System.out.println("Request ID:       " + ase.getRequestId());
    }catch (AmazonClientException ace) {
        //客户端处理异常
        System.out.println("Caught an ClientException.");
        System.out.println("Error Message: " + ace.getMessage());
    }
}

获取CORS规则

我们可以参考存储空间的CORS规则,通过GetBucketCors方法。代码如下:

public void  getBucketCorsExample(String bucketName){
    try{
        BucketCrossOriginConfiguration config = s3client.getBucketCrossOriginConfiguration(bucketName);
        if (config != null){
            for (CORSRule rule : config.getRules()) {
                System.out.println(rule.getId());
                System.out.println(rule.getAllowedHeaders());
                System.out.println(rule.getAllowedMethods());
                System.out.println(rule.getAllowedOrigins());
                System.out.println(rule.getExposedHeaders());
                System.out.println(rule.getMaxAgeSeconds());
            }
        }
    }catch (AmazonServiceException ase) {
        //存储服务端处理异常
        System.out.println("Caught an ServiceException.");
        System.out.println("Error Message:    " + ase.getMessage());
        System.out.println("HTTP Status Code: " + ase.getStatusCode());
        System.out.println("Error Code:   " + ase.getErrorCode());
        System.out.println("Error Type:       " + ase.getErrorType());
        System.out.println("Request ID:       " + ase.getRequestId());
    }catch (AmazonClientException ace) {
        //客户端处理异常
        System.out.println("Caught an ClientException.");
        System.out.println("Error Message: " + ace.getMessage());
    }
}

删除CORS规则

用于关闭指定存储空间对应的CORS并清空所有规则。

public void deleteBucketCorsExample(String bucketName){
    try{
        s3client.deleteBucketCrossOriginConfiguration(bucketName);
    }catch (AmazonServiceException ase) {
        //存储服务端处理异常
        System.out.println("Caught an ServiceException.");
        System.out.println("Error Message:    " + ase.getMessage());
        System.out.println("HTTP Status Code: " + ase.getStatusCode());
        System.out.println("Error Code:   " + ase.getErrorCode());
        System.out.println("Error Type:       " + ase.getErrorType());
        System.out.println("Request ID:       " + ase.getRequestId());
    }catch (AmazonClientException ace) {
        //客户端处理异常
        System.out.println("Caught an ClientException.");
        System.out.println("Error Message: " + ace.getMessage());
    }
}