Introduction
Cross-origin resource sharing (CORS) allows client web applications to access your S3 resources in a different domain by defining the CORS configuration in the XML document attached to your bucket. It allows cross-origin requests for your client-side application using CORS. For example, imagine that you have your own web server in the EC2 instance and want to use JavaScript on the web pages to access JSON files in an S3 static website. You can configure your bucket to enable cross-origin requests from the web server.
CORS can define rules in the XML configuration document, for example, the methods (GET, PUT, POST, DELETE, and HEAD), the origins (http://xxx, http://*.com), the headers (Authorization, Content-Type, x-amz-xxx, and so on), and the time in seconds to cache the response.
To enable CORS, the following methods are supported:
The AWS management console
AWS SDK for Java
AWS SDK for JavaScript
AWS SDK for .NET
AWS SDK for PHP
AWS SDK for Python
AWS SDK for Ruby
REST API
AWS CLI
