全部文档
当前文档

共搜索到 0 条结果

暂无内容

如果没有找到您期望的内容,请尝试其他搜索词

文档中心

AWS S3 兼容性优化

最近更新时间:2026-07-08 23:56:27

为了给您带来更好的AWS S3 兼容性体验,KS3计划于2026年7月15日完成全部地域AWS S3 兼容性优化升级。

本次升级涉及存储桶 CORS 规则未配置与存在 CORS 配置但预检条件不符合存储桶的 CORS 配置的错误响应优化,请您检查存储桶 CORS 配置是否正确配置,给您带来的不便敬请谅解。

优化内容:

1. 预检请求(Options Object)相关

1.1 当存储桶未配置CORS 规则,option请求修正为403

优化前:规则未配置所有预检请求返回200,不符合option 预检请求规范

优化后:存储桶未配置CORS 规则,option请求修正为报403

优化前

优化后

问题

http code

http code

错误码

Message

存储桶未配置core 规则,所以option请求响应200

200

403

AccessForbidden

CORSResponse: CORS is not enabled for this bucket.

响应示例:

<Error>
<Code>AccessForbidden</Code>

<Message>CORSResponse: CORS is not enabled for this bucket.</Message>

<Method>OPTIONS</Method>
<ResourceType>BUCKET</ResourceType>

<RequestId>FM39VPJ0A4A****C2H1</RequestId>

</Error>

1.2 当存储桶配置CORS 规则,option请求修正为403

若因请求Origin、Access-Control-Request-Method、Access-Control-Request-Headers 请求header未通过存储桶CORS 规则校验,则返回如下优化处理

优化前

优化后

问题

http code

http code

错误码

报错示例

Origin相关

option的请求头中未配置Origin,报错不清晰,http code不规范

403

400

BadRequest

<Error>

<Code>BadRequest</Code>

<Message>Insufficient information. Origin request header needed.</Message>

<RequestId>T4SFGBGK***WZVZ6T6C</RequestId>

</Error><Error>

未设置Origin,设置正确Access-Control-Request-Method,Origin必填项未验证

200

400

BadRequest

<Error>

<Code>BadRequest</Code>

<Message>Insufficient information. Origin request header needed.</Message>

<RequestId>T4SFGBGK***WZVZ6T6C</RequestId>

</Error><Error>

Origin配置但不符合CORS规则,报错提示不详细

403

403

AccessForbidden

报错信息详细:

<?xml version="1.0" encoding="UTF-8"?>

<Error>

<Code>AccessForbidden</Code>

<Message>CORSResponse: This CORS request is not allowed. This is usually because the evalution of Origin, request method / Access-Control-Request-Method or Access-Control-Request-Headers are not whitelisted by the resource's CORS spec.</Message>

<Method>OPTIONS</Method>

<ResourceType>OBJECT</ResourceType>

<RequestId>TC6SM3MV***JW1GYG5C</RequestId>

</Error>

Access-Control-Request-Method相关

未配置value

403

403

AccessForbidden

示例:

<Error>
<Code>AccessForbidden</Code>

<Message>CORSResponse: This CORS request is not allowed. This is usually because the evalution of Origin, request method / Access-Control-Request-Method or Access-Control-Request-Headers are not whitelisted by the resource's CORS spec.</Message>
<Method>PUT</Method> <ResourceType>OBJECT</ResourceType>

<RequestId>A3P7H16NW***JXRPHXY</RequestId>

</Error>

配置value不符合有效参数范围,其他错误配置输出非法字符,响应信息过于简单,无法定位问题

http code:403

错误码:AccessForbidden

错误信息:无

403

400

BadRequest

Invalid Access-Control-Request-Method: xxx

说明:反馈用户输入非法,可明确提示错误原因

响应示例:

<Error>

<Code>BadRequest</Code>

<Message>Invalid Access-Control-Request-Method: GETxxx</Message>

<RequestId>GMK2WB***SKVZRC4TR1</RequestId>

</Error>

注意: Access-Control-Request-Method 大小写不敏感

Access-Control-Request-Headers

配置但不符合CORS规则

响应信息明确,不利于定位问题

403

403

AccessForbidden

<Error>

<Code>AccessForbidden</Code>

<Message>CORSResponse: This CORS request is not allowed. This is usually because the evalution of Origin, request method / Access-Control-Request-Method or Access-Control-Request-Headers are not whitelisted by the resource's CORS spec.</Message>
<Method>GET</Method>

<ResourceType>OBJECT</ResourceType>

<RequestId>M6BQWDGZ7YKYG2JE</RequestId>

</Error>

2 存储桶跨域访问(Bucket CORS) 相关

如果指定存储桶存在 CORS 配置且预检条件符合存储桶的 CORS 配置,则新增响应:Access-Control-Allow-Credentials:true

优化前

优化后

请求

OPTIONS /my-image.jpg HTTP/1.1

Host: ks3-example.ks3-cn-beijing.ksyun.com

Date: Thu, 09 Jul 2025 14:49:22 GMT

Origin: https://example.com

Access-Control-Request-Method: PUT

Access-Control-Request-Headers: content-md5,content-type

响应

HTTP/1.1 200 OK

Content-Length: 0

Access-Control-Allow-Headers: content-md5,content-type

Access-Control-Allow-Methods: PUT,GET,POST,DELETE,HEAD

Access-Control-Allow-Origin: https://example.com

Access-Control-Expose-Headers: Content-Length,ETag

Access-Control-Max-Age: 600

Date: Thu, 09 Jul 2020 14:49:22 GMT

Server: KS3

请求

OPTIONS /my-image.jpg HTTP/1.1

Host: ks3-example.ks3-cn-beijing.ksyun.com

Date: Thu, 09 Jul 2025 14:49:22 GMT

Origin: https://example.com

Access-Control-Request-Method: PUT

Access-Control-Request-Headers: content-md5,content-type

响应

HTTP/1.1 200 OK

Content-Length: 0

Access-Control-Allow-Credentials: true

Access-Control-Allow-Headers: content-md5,content-type

Access-Control-Allow-Methods: PUT,GET,POST,DELETE,HEAD

Access-Control-Allow-Origin: https://example.com

Access-Control-Expose-Headers: Content-Length,ETag

Access-Control-Max-Age: 600

Date: Thu, 09 Jul 2025 14:49:22 GMT

Server: KS3

3.分片上传相关

3.1分片上传单个分片的大小支持0字节

优化前

优化后

  • 当前KS3对所有分片上传不容许0字节上传(非chunked 上传方式)。KS3在UploadPart阶段会返回EntityTooSmall错误,上传失败。

  • chunked上传方式:0字节可以成功。

  • 上传分片UploadPart 接口本身支持,小于5G的分片都可以上传成功(返回 200)

  • 在CompleteMultipartUpload校验时,仅要求非末尾分片不小于100 KiB,最后一个分片允许任意大小(包括0字节),若不满足则返回 EntityTooSmall

3.2 分片上传错误提示精细

优化前

优化后

  • 当CompleteMultipartUpload因分片大小不符合要求而失败时,KS3仅返回简单的错误信息,如

  • 在返回EntityTooSmall错误时,响应体中增加以下字段:

    • PartNumber:出错的非末尾分片编号(排序后第一个出问题的片)。

    • ProposedSize:该分片实际上传的大小(单位:字节)。

    • MinSizeAllowed:允许的最小大小(对于非末尾分片实际应为100 KiB = 102400字节

    • ETag:该分片的ETag

    • 同时保留原有的CodeMessageRequestid字段。

  • 错误响应示例

    • 若多个分片均有问题,仅返回第一个有问题的分片错误信息

HTTP/1.1 400 Bad Request
Content-Type: application/xml

<Error>
    <Code>EntityTooSmall</Code>
    <Message>Your proposed upload is smaller than the minimum allowed size</Message>
    <ProposedSize>0</ProposedSize>
    <MinSizeAllowed>102400</MinSizeAllowed>
    <PartNumber>1</PartNumber>
    <ETag>"d41d8cd98f00b204e9800998ecf8427e"</ETag>
    <Requestid>"1d********8427e" <Requestid>
</Error>

文档导读
纯净模式常规模式

纯净模式

点击可全屏预览文档内容
文档反馈