:doc:`MediaStore <../../mediastore>` / Client / put_cors_policy

***************
put_cors_policy
***************



.. py:method:: MediaStore.Client.put_cors_policy(**kwargs)

  

  Sets the cross-origin resource sharing (CORS) configuration on a container so that the container can service cross-origin requests. For example, you might want to enable a request whose origin is http://www.example.com to access your AWS Elemental MediaStore container at my.example.container.com by using the browser's XMLHttpRequest capability.

   

  To enable CORS on a container, you attach a CORS policy to the container. In the CORS policy, you configure rules that identify origins and the HTTP methods that can be executed on your container. The policy can contain up to 398,000 characters. You can add up to 100 rules to a CORS policy. If more than one rule applies, the service uses the first applicable rule listed.

   

  To learn more about CORS, see `Cross-Origin Resource Sharing (CORS) in AWS Elemental MediaStore <https://docs.aws.amazon.com/mediastore/latest/ug/cors-policy.html>`__.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/mediastore-2017-09-01/PutCorsPolicy>`_  


  **Request Syntax**
  ::

    response = client.put_cors_policy(
        ContainerName='string',
        CorsPolicy=[
            {
                'AllowedOrigins': [
                    'string',
                ],
                'AllowedMethods': [
                    'PUT'|'GET'|'DELETE'|'HEAD',
                ],
                'AllowedHeaders': [
                    'string',
                ],
                'MaxAgeSeconds': 123,
                'ExposeHeaders': [
                    'string',
                ]
            },
        ]
    )
    
  :type ContainerName: string
  :param ContainerName: **[REQUIRED]** 

    The name of the container that you want to assign the CORS policy to.

    

  
  :type CorsPolicy: list
  :param CorsPolicy: **[REQUIRED]** 

    The CORS policy to apply to the container.

    

  
    - *(dict) --* 

      A rule for a CORS policy. You can add up to 100 rules to a CORS policy. If more than one rule applies, the service uses the first applicable rule listed.

      

    
      - **AllowedOrigins** *(list) --* **[REQUIRED]** 

        One or more response headers that you want users to be able to access from their applications (for example, from a JavaScript ``XMLHttpRequest`` object).

         

        Each CORS rule must have at least one ``AllowedOrigins`` element. The string value can include only one wildcard character (*), for example, http://*.example.com. Additionally, you can specify only one wildcard character to allow cross-origin access for all origins.

        

      
        - *(string) --* 

        
    
      - **AllowedMethods** *(list) --* 

        Identifies an HTTP method that the origin that is specified in the rule is allowed to execute.

         

        Each CORS rule must contain at least one ``AllowedMethods`` and one ``AllowedOrigins`` element.

        

      
        - *(string) --* 

        
    
      - **AllowedHeaders** *(list) --* **[REQUIRED]** 

        Specifies which headers are allowed in a preflight ``OPTIONS`` request through the ``Access-Control-Request-Headers`` header. Each header name that is specified in ``Access-Control-Request-Headers`` must have a corresponding entry in the rule. Only the headers that were requested are sent back.

         

        This element can contain only one wildcard character (*).

        

      
        - *(string) --* 

        
    
      - **MaxAgeSeconds** *(integer) --* 

        The time in seconds that your browser caches the preflight response for the specified resource.

         

        A CORS rule can have only one ``MaxAgeSeconds`` element.

        

      
      - **ExposeHeaders** *(list) --* 

        One or more headers in the response that you want users to be able to access from their applications (for example, from a JavaScript ``XMLHttpRequest`` object).

         

        This element is optional for each rule.

        

      
        - *(string) --* 

        
    
    

  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {}
      
    **Response Structure**

    

    - *(dict) --* 
  
  **Exceptions**
  
  *   :py:class:`MediaStore.Client.exceptions.ContainerNotFoundException`

  
  *   :py:class:`MediaStore.Client.exceptions.ContainerInUseException`

  
  *   :py:class:`MediaStore.Client.exceptions.InternalServerError`

  