HCP Tenant Management Help


Using CORS to process cross-domain requests

HCP supports Cross-Origin Resource Sharing (CORS). CORS is a mechanism that uses additional HTTP headers to allow a web application running on a browser at one origin (domain) to have permission to access restricted resources on a server at a different origin. A web application executes a cross-origin HTTP request when it requests a resource that has a different origin (domain, protocol, and port) than its own.

To use CORS with HCP, you first need to configure CORS rules for a namespace to specify the sites that are allowed cross-origin access. Then, the HCP software validates incoming requests for compliance to these rules.

CORS rules are specific to a namespace and can be configured at either the namespace level or tenant level.

This section of the help:

Describes supported CORS use cases

Describes CORS configuration limits in HCP

Describes HCP permissions for CORS configuration

Describes how to configure CORS rules for a namespace

Presents a CORS rules configuration template

Presents examples of PUT, GET, and DELETE bucket requests

Describes how CORS request processing works

Presents a preflighted request example

Additional resources

For general information about S3 compatible API requests and HCP responses to those requests, see Requests and responses.

For more information about CORS, see the Web Hypertext Application Technology Working Group (WHATWG) document Fetch Living Standard.

© 2015, 2019 Hitachi Vantara Corporation. All rights reserved.