Simon posted in: Developer Memset News

Cross-Origin Resource Sharing (CORS) is a specification that enables access to restricted resources (e.g. embedded fonts or JavaScript's AJAX calls) on a web page to be requested from another domain outside the domain from which the resource originated.

CORS defines a set of headers so a browser and server can interact to safely determine whether or not to allow the cross-origin request.

Today we are pleased to announce that we are putting live CORS support for our CDN service.

The new functionality enables our customers to set a value for the Access-Control-Allow-Origin header sent by the server so a container can be effectively enabled to use CORS.

The header can be set to an URL, to restrict the access to that origin, or to * to allow any origin.

There are three ways of enabling that header:

Let's see how to use OpenStack API to allow access to any origin to the public container. For this example we're going to use the official swiftcommand line client:

-A post \
--meta cors:"*" \


In the example, MYUSER should be replaced by you admin user and MYPASSWORD by their password. The --meta option is used to set container's metadata, in this case, the content of cors, that will be used by the CDN nodes to populate the appropriate header.