桶(Bucket)是 TOS 的全局唯一的命名空间,相当于数据的容器,用来储存对象(Object)数据。TOS 支持设置桶的跨域访问 CORS(Cross-Origin Resource Sharing)规则。当 TOS 收到跨域请求或 OPTIONS 请求时,会读取桶对应的 CORS 规则,进行相应的权限检查并返回相应的 Header,保证跨域传输数据的安全性。本文介绍如何通过 TOS Java SDK 管理桶的跨区域资源共享配置。
您可以通过 TOS Java SDK 的 putBucketCORS
接口设置指定桶的跨域资源共享规则。
注意
要为桶设置跨域资源共享规则,您的账号必须具备 tos:PutBucketCORS
权限,具体操作请参见权限配置指南。
以下代码展示如何设置指定桶的跨域资源共享规则。
import com.volcengine.tos.TOSV2; import com.volcengine.tos.TOSV2ClientBuilder; import com.volcengine.tos.TosClientException; import com.volcengine.tos.TosServerException; import com.volcengine.tos.model.bucket.*; import java.util.ArrayList; import java.util.List; public class PutBucketCORSExample { public static void main(String[] args) { String endpoint = "your endpoint"; String region = "your region"; String accessKey = System.getenv("TOS_ACCESS_KEY"); String secretKey = System.getenv("TOS_SECRET_KEY"); String bucketName = "your bucket name"; TOSV2 tos = new TOSV2ClientBuilder().build(region, endpoint, accessKey, secretKey); try{ List<CORSRule> rules = new ArrayList<>(); List<String> allowedOrigins = new ArrayList<>(); allowedOrigins.add("*"); List<String> allowedMethods = new ArrayList<>(); allowedMethods.add("GET"); allowedMethods.add("DELETE"); allowedMethods.add("PUT"); List<String> allowedHeaders = new ArrayList<>(); allowedHeaders.add("Authorization"); List<String> exposeHeaders = new ArrayList<>(); exposeHeaders.add("X-TOS-HEADER-1"); exposeHeaders.add("X-TOS-HEADER-2"); CORSRule rule1 = new CORSRule() .setAllowedOrigins(allowedOrigins) .setAllowedMethods(allowedMethods) .setAllowedHeaders(allowedHeaders) .setExposeHeaders(exposeHeaders) .setMaxAgeSeconds(3600); rules.add(rule1); PutBucketCORSInput input = new PutBucketCORSInput().setBucket(bucketName).setRules(rules); PutBucketCORSOutput output = tos.putBucketCORS(input); System.out.println("putBucketCORS succeed"); } catch (TosClientException e) { // 操作失败,捕获客户端异常,一般情况是请求参数错误,此时请求并未发送 System.out.println("putBucketCORS failed"); System.out.println("Message: " + e.getMessage()); if (e.getCause() != null) { e.getCause().printStackTrace(); } } catch (TosServerException e) { // 操作失败,捕获服务端异常,可以获取到从服务端返回的详细错误信息 System.out.println("putBucketCORS failed"); System.out.println("StatusCode: " + e.getStatusCode()); System.out.println("Code: " + e.getCode()); System.out.println("Message: " + e.getMessage()); System.out.println("RequestID: " + e.getRequestID()); } catch (Throwable t) { // 作为兜底捕获其他异常,一般不会执行到这里 System.out.println("putBucketCORS failed"); System.out.println("unexpected exception, message: " + t.getMessage()); } } }
您可以通过 TOS Java SDK 的 getBucketCORS
接口获取指定桶配置的跨域资源共享规则。
注意
要获取桶的跨域资源共享规则,您的账号必须具备 tos:GetBucketCORS
权限,具体操作请参见权限配置指南。
以下代码展示如何获取桶配置的跨域资源共享规则。
import com.volcengine.tos.TOSV2; import com.volcengine.tos.TOSV2ClientBuilder; import com.volcengine.tos.TosClientException; import com.volcengine.tos.TosServerException; import com.volcengine.tos.model.bucket.CORSRule; import com.volcengine.tos.model.bucket.GetBucketCORSInput; import com.volcengine.tos.model.bucket.GetBucketCORSOutput; public class GetBucketCORSExample { public static void main(String[] args) { String endpoint = "your endpoint"; String region = "your region"; String accessKey = System.getenv("TOS_ACCESS_KEY"); String secretKey = System.getenv("TOS_SECRET_KEY"); String bucketName = "your bucket name"; TOSV2 tos = new TOSV2ClientBuilder().build(region, endpoint, accessKey, secretKey); try{ GetBucketCORSInput input = new GetBucketCORSInput().setBucket(bucketName); GetBucketCORSOutput output = tos.getBucketCORS(input); System.out.println("getBucketCORS succeed"); if (output.getRules() != null) { System.out.println("this bucket has " + output.getRules().size() + " CORS rules"); for (int i = 0; i < output.getRules().size(); i++){ CORSRule rule = output.getRules().get(i); System.out.println("No." + (i+1) + " rule is " + rule.toString()); } } } catch (TosClientException e) { // 操作失败,捕获客户端异常,一般情况是请求参数错误,此时请求并未发送 System.out.println("getBucketCORS failed"); System.out.println("Message: " + e.getMessage()); if (e.getCause() != null) { e.getCause().printStackTrace(); } } catch (TosServerException e) { // 操作失败,捕获服务端异常,可以获取到从服务端返回的详细错误信息 System.out.println("getBucketCORS failed"); System.out.println("StatusCode: " + e.getStatusCode()); System.out.println("Code: " + e.getCode()); System.out.println("Message: " + e.getMessage()); System.out.println("RequestID: " + e.getRequestID()); } catch (Throwable t) { // 作为兜底捕获其他异常,一般不会执行到这里 System.out.println("getBucketCORS failed"); System.out.println("unexpected exception, message: " + t.getMessage()); } } }
您可以通过 TOS Java SDK 的 deleteBucketCORS
接口删除指定桶配置的跨域资源共享规则。
注意
要删除桶的跨域资源共享规则,您的账号必须具备tos:PutBucketCORS
权限,具体操作请参见权限配置指南。
以下代码展示如何删除指定桶的跨域资源共享规则。
import com.volcengine.tos.TOSV2; import com.volcengine.tos.TOSV2ClientBuilder; import com.volcengine.tos.TosClientException; import com.volcengine.tos.TosServerException; import com.volcengine.tos.model.bucket.DeleteBucketCORSInput; import com.volcengine.tos.model.bucket.DeleteBucketCORSOutput; public class DeleteBucketCORSExample { public static void main(String[] args) { String endpoint = "your endpoint"; String region = "your region"; String accessKey = System.getenv("TOS_ACCESS_KEY"); String secretKey = System.getenv("TOS_SECRET_KEY"); String bucketName = "your bucket name"; TOSV2 tos = new TOSV2ClientBuilder().build(region, endpoint, accessKey, secretKey); try{ DeleteBucketCORSInput input = new DeleteBucketCORSInput().setBucket(bucketName); DeleteBucketCORSOutput output = tos.deleteBucketCORS(input); System.out.println("deleteBucketCORS succeed, " + output); } catch (TosClientException e) { // 操作失败,捕获客户端异常,一般情况是请求参数错误,此时请求并未发送 System.out.println("deleteBucketCORS failed"); System.out.println("Message: " + e.getMessage()); if (e.getCause() != null) { e.getCause().printStackTrace(); } } catch (TosServerException e) { // 操作失败,捕获服务端异常,可以获取到从服务端返回的详细错误信息 System.out.println("deleteBucketCORS failed"); System.out.println("StatusCode: " + e.getStatusCode()); System.out.println("Code: " + e.getCode()); System.out.println("Message: " + e.getMessage()); System.out.println("RequestID: " + e.getRequestID()); } catch (Throwable t) { // 作为兜底捕获其他异常,一般不会执行到这里 System.out.println("deleteBucketCORS failed"); System.out.println("unexpected exception, message: " + t.getMessage()); } } }
关于跨域资源共享的更多信息,请参见跨域访问设置。