CORS Configuration for Remote Parquet Files

CORS (Cross-Origin Resource Sharing) must be configured on cloud storage buckets to allow Hyperparam to access remote parquet files. Without proper CORS settings, the browser will block requests.

Why CORS is Required

Hyperparam streams parquet files using HTTP range requests. The storage provider must:

Allow cross-origin requests from the browser
Expose the Content-Range header for byte-range serving
Support GET and HEAD methods

AWS S3

Navigate to S3 Console → Select bucket → Permissions → CORS, then add:

[
    {
        "AllowedHeaders": ["*"],
        "AllowedMethods": ["GET", "HEAD"],
        "AllowedOrigins": ["*"],
        "ExposeHeaders": ["Content-Range"],
        "MaxAgeSeconds": 3000
    }
]

For production, restrict origins:

[
    {
        "AllowedHeaders": ["*"],
        "AllowedMethods": ["GET", "HEAD"],
        "AllowedOrigins": ["https://hyperparam.app", "http://localhost:3000"],
        "ExposeHeaders": ["Content-Range"],
        "MaxAgeSeconds": 3600
    }
]

AWS CLI:

aws s3api put-bucket-cors --bucket your-bucket-name --cors-configuration file://cors.json
aws s3api get-bucket-cors --bucket your-bucket-name  # verify

Google Cloud Storage

Create cors.json:

[
  {
    "origin": ["*"],
    "method": ["GET", "HEAD"],
    "responseHeader": ["Content-Range"],
    "maxAgeSeconds": 3600
  }
]

Apply and verify:

gsutil cors set cors.json gs://your-bucket-name
gsutil cors get gs://your-bucket-name  # verify

Azure Blob Storage

Azure CLI:

az storage cors add \
    --services b \
    --methods GET HEAD \
    --origins "*" \
    --allowed-headers "*" \
    --exposed-headers "Content-Range" \
    --max-age 3600 \
    --account-name your-storage-account

Portal: Navigate to Storage Account → Resource sharing (CORS) → Blob service → Add rule with the same settings.

Testing

Verify CORS with curl:

curl -I -H "Range: bytes=0-1000" \
    -H "Origin: https://hyperparam.app" \
    https://your-bucket.s3.amazonaws.com/file.parquet

# Look for:
# HTTP/1.1 206 Partial Content
# Access-Control-Allow-Origin: *
# Content-Range: bytes 0-1000/...

Troubleshooting

Issue	Solution
"CORS policy blocked"	Add CORS policy to bucket
"Content-Range undefined"	Add `Content-Range` to ExposeHeaders
"No Access-Control-Allow-Origin header"	Use `*` or add `https://hyperparam.app` to AllowedOrigins

Check browser DevTools Console and Network tabs for detailed CORS errors. For private buckets, use signed URLs.