Cross-origin resource sharing (CORS) allows web applications to access resources that do not belong to the domain.

CDNetworks Object Storage CORS settings consist of one or more CORS rules, and each CORS rule contains the following settings:

• allowed_origins, the source of allowed cross-domain requests, such as www.my-domain.com, *
• allowed_methods, HTTP methods allowed for cross-domain requests (PUT, POST, GET, DELETE, HEAD)
• allowed_headers, headers allowed in the OPTIONS prefetch instruction, such as x-os-test, *
• expose_headers, which allows users to access response headers from the application
• Cache Timeout(Seconds), the browser’s prefetch (OPTIONS) request for a specific resource cache time to return the result