# CORS Settings This section explains the **CORS Settings** on the Service Portal AI. **CORS** stands for *Cross-Origin Resource Sharing*, which allows web applications to access resources from a different domain than their original domain. CORS is an HTTP-based security mechanism that enables servers to control data requests coming from different domains. By default, browsers restrict cross-domain access for security reasons. CORS provides a secure and controlled way to allow exceptions to these restrictions. By using CORS, you can define whether a browser is allowed to permit a web page from one origin (domain, protocol, and port) to access resources from another origin. By using CORS, you can define whether a browser is allowed to permit a web page from one origin (domain, protocol, and port) to access resources from another origin. Here is an example to help you better understand how CORS works:\ Suppose you have a website at `https://www.technicalwriters.id/`, and you store static files such as images, videos, or PDFs in the Deka Box Service Portal AI at the following link `https://putri.basic.box.cloudeka.id/demo-deka-box/logo.png`. When the browser tries to access this file from the Cloudeka domain, it automatically blocks the request because the bucket denies access for security reasons. Therefore, you need to configure **CORS settings** on your bucket to allow cross-domain access from your website. In the CORS Configuration on Service Portal AI, you can [Add CORS Configuration](#add-cors-configuration) and [Delete CORS Configuration](#delete-cors-configuration). ## Add CORS Configuration To add CORS configuration to Deka Box via the Service Portal AI. On the Overview Tab in Deka Box Details page click the CORS Settings button.
The Cors Configuration page appears, click the Add button.
The Advanced CORS Options window appears, fill in the available columns. After filling in all the available columns, press the Save Option button.
ColumnDescription
Bucket NameThe name used to identify the bucket.
OriginThe request CORS uses in the scheme (http or https), domain, and port from which the request is sent.
Allow Methods

List of methods that are allowed to be used in CORS requests to the bucket:

  • GET is used to retrieve or read data from the bucket. It is the most commonly used method for static files on websites and must be selected if you require read access,
  • PUT is used to upload files or overwrite objects in the bucket. This is typically used by web applications that allow users to upload files to the bucket.
  • DELETE is used to delete files via API,
  • POST is used to upload files through multipart forms,
  • HEAD is used to request a file’s metadata without downloading the actual content.
Allow HeaderList of HTTP headers that are allowed to be used in CORS requests
In the **Origin** section, you can enter a valid website address. In this guide, we use `https://technicalwriters.id`.
In the **Allowed Methods** section, since the website only displays images, it is sufficient to check the **GET** option.
In the **Allowed Headers** section, you may leave it blank if no special headers are needed. However, for flexibility and safety, you can use a wildcard symbol `*`. The wildcard `*` means all types of headers are allowed (such as `Authorization`, `Content-Type`, etc.).
Once you have added the CORS configuration, click the **Apply Changes** button to save the settings.
Wait until the process is complete and the notification **"Successfully updated CORS rules"** appears.
## Delete CORS Configuration To delete the CORS configuration on a Deka Box that is no longer in use via the Service Portal AI. On the Overview Tab in Deka Box Details page click the CORS Settings button.
In the CORS Configuration list, click the Delete button on the CORS configuration that you want to delete.
Then click **Apply Changes** to apply and save the configuration.
A success notification will appear indicating that the CORS configuration has been updated.
--- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.cloudeka.ai/deka-box/overview-deka-box/cors-settings.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.