一、问题描述
Access to XMLHttpRequest at 'https://xxxxx.oss-cn-XXXX.aliyuncs.com/websiteInfo/newsicon_1646794266000.jpg' from origin 'http://xxxxxx:8081' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
二、阿里云配置支持跨域
对象存储-》Bucket列表-》对象名,选择权限管理-》跨域设置
点击跨域设置
点击创建规则
ETag
x-oss-request-id
根据需求创建
*
access-control-allow-origin:*
access-control-allow-credentials:true
eg:
配置后效果
如果之后报错403
可以查看临时授权角色的自定义策略配置
参考模板
{
"Version": "1",
"Statement": [
{
"Effect": "Allow",
"Action": "oss:*",
"Resource": "acs:oss:*:*:你的Bucket名称/*"
},
{
"Effect": "Allow",
"Action": "oss:ListObjects",
"Resource": "acs:oss:*:*:你的Bucket名称",
"Condition": {
"StringLike": {
"oss:Prefix": [
""
]
},
"StringEquals": {
"oss:Delimiter": "/"
}
}
}
]
}