This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Configured bucket CORS not applying

Posted 3 weeks ago
CodeSmith32
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hello,

I'm trying to get CORS configured and working for a bucket. I've already run:

 

gcloud storage buckets update gs://my-bucket-name --cors-file=cors-config.json

 

with a CORS configuration of

 

[
  {
    "maxAgeSeconds": 3600,
    "method": [
      "GET"
    ],
    "origin": [
      "https://redacted.web.app",
      "https://redacted.firebaseapp.com"
    ],
    "responseHeader": [
      "Content-Type"
    ]
  }
]

 

And then confirmed that it ran correctly using:

 

gcloud storage buckets list --format="json(name,cors-config)"

 

And everything looked correct.

But it still doesn't work.

It won't load cross-origin on web-pages definitely from the specified origins, and every url I've found to reach it, when viewing the inspector, shows no Access-Control-Allow-Origin header at all.

Any thoughts?

6 2 99
Topic Labels
2 REPLIES 2

Posted on --/--/---- --:-- AM
juliadeanne
Staff
Reply posted on --/--/---- --:-- AM

Hello @CodeSmith32,

Welcome to the Google Cloud Community!

To test a CORS request simply, you can follow the instructions from this StackOverflow post. Look for 'Access-Control-Allow-Origin' and other CORS headers in the response. If these headers are missing or the response code isn't 200, it indicates that the preflight request has failed.

Browsers often send a preflight request (using the OPTIONS method) before the actual request (GET) to verify if CORS settings allow the request. Make sure your cors-config.json file lists "OPTIONS" under the methods for your origins.

Additionally, the maxAgeSeconds setting in your configuration determines how long the browser caches the CORS preflight response. Consider setting this to a shorter duration, such as 60 seconds, to make the browser request a new preflight response and update to the latest CORS configuration.

Also, ensure that the cors-config.json file has the correct permissions for accessing Google Cloud Storage. The service account used by gcloud may require read access to this file.

Posted on --/--/---- --:-- AM
CodeSmith32
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hey @juliadeanne,

It does seem to be working now. Is your point that I have to wait at least maxAgeSeconds before I should expect it to work after a change to the CORS config?