S3 listBuckets CORS is not available

[kesor]

According to SERVICES.md the S3 service is CORS enabled. And yet calling listBuckets when using aws-sdk.js in a browser, fails to work because the services is not enabled with CORS.

I'm using aws-sdk.js version

AWS.VERSION
"2.188.0"

The code running in the browser is just

AWS.config.credentials = new AWS.Credentials({ accessKeyId: "...", "secretAccessKey": "..." })
const s3 = new AWS.S3({ region: "us-east-1" })
s3.listBuckets()

Getting this result in the console

aws-sdk.min.js:47 OPTIONS https://s3.eu-central-1.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.eu-central-1.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.eu-west-3.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.eu-west-3.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.eu-west-2.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.eu-west-2.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.eu-west-1.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.eu-west-1.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.eu-central-1.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.eu-central-1.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.eu-west-3.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.eu-west-3.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.eu-central-1.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.eu-central-1.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.eu-west-2.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.eu-west-2.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.eu-west-1.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.eu-west-1.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.eu-central-1.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.eu-central-1.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.ca-central-1.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.ca-central-1.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.eu-west-3.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.eu-west-3.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.ap-south-1.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.ap-south-1.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.us-east-2.amazonaws.com/ net::ERR_ABORTED
(index):1 Failed to load https://s3.us-east-2.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.eu-west-2.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.eu-west-2.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.eu-west-3.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.eu-west-3.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.ap-south-1.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.ap-south-1.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.eu-west-2.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.eu-west-2.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.us-west-1.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.us-west-1.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.ca-central-1.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.ca-central-1.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.us-east-2.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.us-east-2.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.ca-central-1.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.ca-central-1.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.ap-south-1.amazonaws.com/ net::ERR_ABORTED
(index):1 Failed to load https://s3.ap-south-1.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.us-west-1.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.us-west-1.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.eu-west-1.amazonaws.com/ net::ERR_ABORTED
(index):1 Failed to load https://s3.eu-west-1.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.sa-east-1.amazonaws.com/ net::ERR_ABORTED
(index):1 Failed to load https://s3.sa-east-1.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.us-east-2.amazonaws.com/ net::ERR_ABORTED
(index):1 Failed to load https://s3.us-east-2.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.ap-southeast-1.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.ap-southeast-1.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.us-west-2.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.us-west-2.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.us-west-1.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.us-west-1.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.ca-central-1.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.ca-central-1.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.us-east-2.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.us-east-2.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.us-west-2.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.us-west-2.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.eu-west-1.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.eu-west-1.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.ap-northeast-2.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.ap-northeast-2.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.ap-northeast-1.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.ap-northeast-1.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.ap-southeast-2.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.ap-southeast-2.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.sa-east-1.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.sa-east-1.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.ap-southeast-1.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.ap-southeast-1.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.ap-south-1.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.ap-south-1.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.us-west-1.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.us-west-1.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.sa-east-1.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.sa-east-1.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.ap-northeast-2.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.ap-northeast-2.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.us-west-2.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.us-west-2.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.ap-southeast-1.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.ap-southeast-1.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.ap-southeast-2.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.ap-southeast-2.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.ap-northeast-1.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.ap-northeast-1.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.ap-northeast-2.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.ap-northeast-2.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.sa-east-1.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.sa-east-1.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.ap-southeast-2.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.ap-southeast-2.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.ap-northeast-1.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.ap-northeast-1.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.us-west-2.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.us-west-2.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.ap-southeast-1.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.ap-southeast-1.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.ap-northeast-2.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.ap-northeast-2.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.ap-southeast-2.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.ap-southeast-2.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.
aws-sdk.min.js:47 OPTIONS https://s3.ap-northeast-1.amazonaws.com/ 403 (Forbidden)
(index):1 Failed to load https://s3.ap-northeast-1.amazonaws.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. The response had HTTP status code 403.

[jeskew]

S3 allows CORS supported to be enabled and configured on a bucket by bucket basis, but as far as I know, there is no way to enable CORS for bucket-level operations (e.g., ListBuckets, CreateBucket, etc.). I'll forward this request onto the service team, but it would be more effective coming directly from a customer. You can reach out to the service team directly via their AWS Developer Forum or through a ticket with AWS support.

[RoboSparrow]

I suppose this is the case with a number of sdk Methods. It would be helpful if CORS limitations could be included in the SDK docs.

[AllanZhengYP]

Hey @RoboSparrow, I believe this is a very valid request. Maybe we can add a note in docs that the service doesn't support cors. You can always check the CORS support by yourself here. The specific service supports CORS if it specifies cors: true

[simonbuchan]

@AllanFly120 that file has listed s3 as supporting cors since sept. 2016.

[srchase]

@simonbuchan

See @jeskew's comment above: #6608

I'll leave this issue open to track improving the documentation, but the S3 service team would need to implement CORS support for listBuckets to work from the browser.

[simonbuchan]

Yes, I was just replying to allans comment that you can see if CORS has support in that file, which clearly you can't in this case, hence this issue 😉

[Private-SO]

+1 for this feature request

[krislavten]

+1 for this feature request

[RoboSparrow]

There might be valid reasons not to enable CORS for some operations. It would be good to have these labelled clearly in "Method Summary" section for each service class and the method section itself.

Yes, CORS limits are mentioned int the installation section. But hey, most of us read that section only once. The problem is that we usually just jump right to the method
(where it is not mentioned), and start coding..

[jagmumidi]

i am getting following error

message:"Cannot read property 'listBuckets' of undefined"
stack:"TypeError: Cannot read property 'listBuckets' of undefined\n    at S3BucketConstructE2ETest.checkS3Bucket (S3BucketConstructE2ETest.js:35:33)\n    at S3BucketConstructE2ETest.js:23:24\n    at new Promise (<anonymous>)\n    at S3BucketConstructE2ETest.runTests (S3BucketConstructE2ETest.js:22:16)\n    at Object.<anonymous> (/e2e-tests/S3BucketConstructE2ETest.js:53:7)\n    at Module._compile (internal/modules/cjs/loader.js:933:14)\n    at Object.Module._extensions..js (internal/modules/cjs/loader.js:947:10)\n    at Module.load (internal/modules/cjs/loader.js:790:32)\n    at Function.Module._load (internal/modules/cjs/loader.js:703:12)\n    at Function.Module.runMain (internal/modules/cjs/loader.js:999:10)"
__proto__:Error {constructor: , name: "TypeError", message: "", …}

[Mitriol]

Is there any chance that this functionality, though not currently supported, could be added? It's something that I at least know my project would benefit greatly from, as our target user aren't too technical and if we could simply skip the step of them having the "aws ls" in their terminal, that would be excellent.

[matwerber1]

+1, I want to create an in-browser app that provides my own custom UI for viewing / navigating information across buckets in an account.

I suppose I could proxy a request Lambda via API Gateway and have the Lambda make the call on my behalf, but would much prefer to do it natively in the front-end code (using Cognito / federated identity pools)

[cyrfer]

Please add CORS support for ListBuckets.

[github-actions]

Greetings! We’re closing this issue because it has been open a long time and hasn’t been updated in a while and may not be getting the attention it deserves. We encourage you to check if this is still an issue in the latest release and if you find that this is still a problem, please feel free to comment or open a new issue.

[kesor]

Apparently no one at AWS deems it important enough to give this any attention in the last three years. And now there is a bot that auto-closes "old" issues that no one cares about. 👍 Great job AWS!

[ajredniwja]

Hey @kesor, apologies that the issue was not added to auto exempt, usually the bot is actually for issues where there has been no response from the customer and is just a low hanging fruit in the repo, with that being said, looking at the comments, were you able to open any requests at the forum mentioned? If not, I can open a ticket internally.

[kesor]

Hey @kesor, apologies that the issue was not added to auto exempt, usually the bot is actually for issues where there has been no response from the customer and is just a low hanging fruit in the repo, with that being said, looking at the comments, were you able to open any requests at the forum mentioned? If not, I can open a ticket internally.

@ajredniwja

At the time of the issue I opened all possible tickets, created a forum post with the S3 service forum, etc... nothing happened still. Feel free to open additional tickets. It is not the tickets that resolve the issue, it is the adding of two lines to the API output of S3 service for CORS.

[ajredniwja]

@kesor, apologies again, unfortunately it has to be enabled by the S3 team, I have reached out to the team, will get back to you as soon as I have an answer.

[johnrteg]

Probably too old, but it would be nice to list buckets without the CORS headache. The work around to manage available buckets in a json file in a created (well known) bucket will have to suffice for now.

[github-actions]

Greetings! We’re closing this issue because it has been open a long time and hasn’t been updated in a while and may not be getting the attention it deserves. We encourage you to check if this is still an issue in the latest release and if you find that this is still a problem, please feel free to comment or open a new issue.

[kesor]

Another year, another lack of CORS in S3 APIs. It literally takes ten minutes to test and deploy such a change.

[krislavten]

I was disappointed with the efficiency of AWS

[jrodimusprime]

Still waiting on this one

[kesor]

A couple more people struggling with AWS, for reference:

• https://stackoverflow.com/questions/35004258
• https://stackoverflow.com/questions/52293768
• https://stackoverflow.com/questions/61198135
• https://stackoverflow.com/questions/39736813
• https://stackoverflow.com/questions/32418255

[NewbiZ]

Come on it's been 5 years now, can we please have CORS on bucket level operations?

[BRome-SmallBatchAI]

Having the same issue, it seems impossible to use this request in React.

[adamcloudboss]

Any update on this?

[RanVaknin]

Hi All,

I'm going through older issues and came across this. After reproducing this I can see that this remains an issue and is a broader problem and not an SDK specific issue.

I cannot commit to S3 adding the CORS header to the responses from listBuckets and CreateBucket because I do not have visibility as to why these operations were excluded in the first place. Perhaps there is a good reason. If this is the expected behavior this must be clearly documented since it's clearly a recurring pain point for customers.

I have created an internal ticket (#P137549575) with the S3 team asking for some clarifications. If any of the customers on this thread have access to support via the AWS developer console I suggest you open a support case as well and reference this ticket ID.

I will transfer this issue to the JS SDK v3 repo to make it more discoverable.

Thanks,
Ran~