S3] About cross-origin access (CORS)


What is CORS (Cross-Origin Resource Sharing)



  • What are the benefits of having CORS?


CORS is a generic term for resource sharing technology, as in Resource Sharing.
It means that S3 can be used for that CORS.

Simply put.
I think the advantage would be that front engineers would not need to reinvent the wheel of some of the resources on the screen (reducing development costs) as they develop.

You have probably seen pages with Google Maps built in on the web screen. (e.g. the access page on the company page)

However, since it is S3, the only content that can be used would be static content.

In order to achieve this CORS, "settings for access from another domain" may be required on the front side.

Naturally, since communication with another server occurs, it is necessary to design and implement the system with security in mind.



  • Inter-origin resource sharing
  • cross-origin resource sharing


In the first place

What does "Origin" mean?

What does "Origin" mean?

What is origin?

The origin of data

means the source of the data.

Definition of data source

  • WEB page
  • graphics file
  • Protocol (http://, https;//)
  • Domain name (example.com)
  • Port number (80, 443)


Difference between domain and origin

Domain: google.com

Origin: https://google.com:443

The difference from a domain is that it includes protocol (https;//) and port number (443).



What kind of technology is CORS?

  • Technology that allows a browser to retrieve resources from a different domain (server) than the page being viewed.
  • Technology that uses HTTP headers to retrieve web resources from a server with CORS settings.


Why do we need it?

To make the CDN safe.


How do we make it happen?

Use HTTP headers.



S3] About cross-origin access (CORS)

Enabling Cross-Origin Resource Sharing (CORS) in S3 will
S3 resources can be shared to other domains
S3 resources can be shared to other domains.

CORS defines how client web applications loaded in a particular domain communicate with resources in different domains.

This allows you to build feature-rich client-side web applications using Amazon S3 and selectively grant cross-origin access to Amazon S3 resources.