带有签名URL的PUT请求的响应不包含标头Access-Control-Allow-Origin。
import os
from datetime import timedelta
import requests
from google.cloud import storage
os.environ['GOOGLE_APPLICATION_CREDENTIALS'] = <path to google credentials>
client = storage.Client()
bucket = client.get_bucket('my_bucket')
policies = [
{
'origin': ['*'],
'method': ['PUT'],
}
]
bucket.cors = policies
bucket.update()
blob = bucket.blob('new_file')
url = blob.generate_signed_url(timedelta(days=30), method='PUT')
response = requests.put(url, data='some data')
for header in response.headers.keys():
print(header)
输出:
X-GUploader-UploadID
ETag
x-goog-generation
x-goog-metageneration
x-goog-hash
x-goog-stored-content-length
x-goog-stored-content-encoding
Vary
Content-Length
Date
Server
Content-Type
Alt-Svc
如您所见,没有CORS标头。那么,我可以得出结论,GCS不能正确/完全支持CORS吗?
跨源资源共享(CORS)允许来自不同来源的资源之间的交互。默认情况下,在Google云端存储中禁止/禁用此操作以防止恶意行为。
您可以使用Cloud Libraries,Rest API或Cloud SDK启用它,请记住以下规则:
FULL_CONTROL。- storage.googleapis.com/[BUCKET_NAME]
- [BUCKET_NAME].storage.googleapis.com
起源storage.cloud.google.com/[BUCKET_NAME]不会回复CORS标题。
headers = {
'ORIGIN': '*'
}
response = requests.put(url, data='some data', headers=headers)
for header in response.headers.keys():
print(header)
给出以下输出:
X-GUploader-UploadID
ETag
x-goog-generation
x-goog-metageneration
x-goog-hash
x-goog-stored-content-length
x-goog-stored-content-encoding
Access-Control-Allow-Origin
Access-Control-Expose-Headers
Content-Length
Date
Server
Content-Type