Everett Toews

Helping you shave narwhals

Swift/Cloud Files Cross Origin Resource Sharing Container with jclouds

04 Jun 2013

Cross-origin resource sharing (CORS) is a mechanism that allows Javascript on a web page to make XMLHttpRequests to another domain, not the domain the Javascript originated from. Such “cross-domain” requests would otherwise be forbidden by web browsers, per the same origin security policy. CORS defines a way in which the browser and the server can interact to determine whether or not to allow the cross-origin request. It is more powerful than only allowing same-origin requests, but it is more secure than simply allowing all such cross-origin requests.

In the context of OpenStack Swift and Rackspace Cloud Files a CORS enabled container allow users to upload files from one website–or origin–to your Swift/Cloud Files container. When you set the CORS headers on your container, you tell it which sites may post to your account, how often your container checks its allowed sites list, and whether or not metadata headers can be passed with the objects.

You can find example code to enable and configure CORS at CrossOriginResourceSharingContainer.java. To allow users temporary access to a such a container you would use example code like GenerateTempURL.java.