Amazon S3 announces Cross-Origin Resource Sharing (CORS) support

Posted on: Aug 31, 2012

We're delighted to announce support for Cross-Origin Resource Sharing (CORS) in Amazon S3. You can now easily build web applications that use JavaScript and HTML5 to interact with resources in Amazon S3, enabling you to implement HTML5 drag and drop uploads to Amazon S3, show upload progress, or update content. Until now, you needed to run a custom proxy server between your web application and Amazon S3 to support these capabilities. A custom proxy server was required because web browsers limit the way web pages loaded from one site (e.g. http://mywebsite.com) can interact with content from another site (e.g. a location in Amazon S3 like assets.mywebsite.com.s3.amazonaws.com). Amazon S3’s support for CORS replaces the need for this custom proxy server by instructing the web browser to selectively enable these cross-site interactions.

You can use the AWS Management Console or the Amazon S3 API to configure your Amazon S3 bucket for CORS. To learn more, please refer to the Amazon S3 Developer Guide.