diff --git a/bucket_encryption.go b/bucket_encryption.go
new file mode 100644
index 0000000..eae8334
--- /dev/null
+++ b/bucket_encryption.go
@@ -0,0 +1,51 @@
+package cos
+
+import (
+	"context"
+	"encoding/xml"
+	"net/http"
+)
+
+type BucketEncryptionConfiguration struct {
+	SSEAlgorithm string `xml:"SSEAlgorithm"`
+}
+
+type BucketPutEncryptionOptions struct {
+	XMLName xml.Name                       `xml:"ServerSideEncryptionConfiguration"`
+	Rule    *BucketEncryptionConfiguration `xml:"Rule>ApplySideEncryptionConfiguration"`
+}
+
+type BucketGetEncryptionResult BucketPutEncryptionOptions
+
+func (s *BucketService) PutEncryption(ctx context.Context, opt *BucketPutEncryptionOptions) (*Response, error) {
+	sendOpt := &sendOptions{
+		baseURL: s.client.BaseURL.BucketURL,
+		uri:     "/?encryption",
+		method:  http.MethodPut,
+		body:    opt,
+	}
+	resp, err := s.client.send(ctx, sendOpt)
+	return resp, err
+}
+
+func (s *BucketService) GetEncryption(ctx context.Context) (*BucketGetEncryptionResult, *Response, error) {
+	var res BucketGetEncryptionResult
+	sendOpt := &sendOptions{
+		baseURL: s.client.BaseURL.BucketURL,
+		uri:     "/?encryption",
+		method:  http.MethodGet,
+		result:  &res,
+	}
+	resp, err := s.client.send(ctx, sendOpt)
+	return &res, resp, err
+}
+
+func (s *BucketService) DeleteEncryption(ctx context.Context) (*Response, error) {
+	sendOpt := &sendOptions{
+		baseURL: s.client.BaseURL.BucketURL,
+		uri:     "/?encryption",
+		method:  http.MethodDelete,
+	}
+	resp, err := s.client.send(ctx, sendOpt)
+	return resp, err
+}
diff --git a/bucket_encryption_test.go b/bucket_encryption_test.go
new file mode 100644
index 0000000..64be1e1
--- /dev/null
+++ b/bucket_encryption_test.go
@@ -0,0 +1,100 @@
+package cos
+
+import (
+	"context"
+	"encoding/xml"
+	"fmt"
+	"net/http"
+	"reflect"
+	"testing"
+)
+
+func TestBucketService_GetEncryption(t *testing.T) {
+	setup()
+	defer teardown()
+
+	mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
+		testMethod(t, r, "GET")
+		vs := values{
+			"encryption": "",
+		}
+		testFormValues(t, r, vs)
+		fmt.Fprint(w, `<ServerSideEncryptionConfiguration>
+    <Rule>
+        <ApplySideEncryptionConfiguration>
+            <SSEAlgorithm>AES256</SSEAlgorithm>
+        </ApplySideEncryptionConfiguration>
+    </Rule>
+</ServerSideEncryptionConfiguration>`)
+
+	})
+
+	res, _, err := client.Bucket.GetEncryption(context.Background())
+	if err != nil {
+		t.Fatalf("Bucket.GetEncryption returned error %v", err)
+	}
+
+	want := &BucketGetEncryptionResult{
+		XMLName: xml.Name{Local: "ServerSideEncryptionConfiguration"},
+		Rule: &BucketEncryptionConfiguration{
+			SSEAlgorithm: "AES256",
+		},
+	}
+
+	if !reflect.DeepEqual(res, want) {
+		t.Errorf("Bucket.GetEncryption returned %+v, want %+v", res, want)
+	}
+}
+
+func TestBucketService_PutEncryption(t *testing.T) {
+	setup()
+	defer teardown()
+
+	opt := &BucketPutEncryptionOptions{
+		Rule: &BucketEncryptionConfiguration{
+			SSEAlgorithm: "AES256",
+		},
+	}
+
+	mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
+		testMethod(t, r, "PUT")
+		vs := values{
+			"encryption": "",
+		}
+		testFormValues(t, r, vs)
+
+		body := new(BucketPutEncryptionOptions)
+		xml.NewDecoder(r.Body).Decode(body)
+		want := opt
+		want.XMLName = xml.Name{Local: "ServerSideEncryptionConfiguration"}
+		if !reflect.DeepEqual(body, want) {
+			t.Errorf("Bucket.PutEncryption request\n body: %+v\n, want %+v\n", body, want)
+		}
+	})
+
+	_, err := client.Bucket.PutEncryption(context.Background(), opt)
+	if err != nil {
+		t.Fatalf("Bucket.PutEncryption returned error: %v", err)
+	}
+}
+
+func TestBucketService_DeleteEncryption(t *testing.T) {
+	setup()
+	defer teardown()
+
+	mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
+		testMethod(t, r, http.MethodDelete)
+		vs := values{
+			"encryption": "",
+		}
+		testFormValues(t, r, vs)
+
+		w.WriteHeader(http.StatusNoContent)
+	})
+
+	_, err := client.Bucket.DeleteEncryption(context.Background())
+	if err != nil {
+		t.Fatalf("Bucket.DeleteEncryption returned error: %v", err)
+	}
+
+}
diff --git a/bucket_referer.go b/bucket_referer.go
new file mode 100644
index 0000000..fe8b6a0
--- /dev/null
+++ b/bucket_referer.go
@@ -0,0 +1,40 @@
+package cos
+
+import (
+	"context"
+	"encoding/xml"
+	"net/http"
+)
+
+type BucketPutRefererOptions struct {
+	XMLName                 xml.Name `xml:"RefererConfiguration"`
+	Status                  string   `xml:"Status"`
+	RefererType             string   `xml:"RefererType"`
+	DomainList              []string `xml:"DomainList>Domain"`
+	EmptyReferConfiguration string   `xml:"EmptyReferConfiguration,omitempty"`
+}
+
+type BucketGetRefererResult BucketPutRefererOptions
+
+func (s *BucketService) PutReferer(ctx context.Context, opt *BucketPutRefererOptions) (*Response, error) {
+	sendOpt := &sendOptions{
+		baseURL: s.client.BaseURL.BucketURL,
+		uri:     "/?referer",
+		method:  http.MethodPut,
+		body:    opt,
+	}
+	resp, err := s.client.send(ctx, sendOpt)
+	return resp, err
+}
+
+func (s *BucketService) GetReferer(ctx context.Context) (*BucketGetRefererResult, *Response, error) {
+	var res BucketGetRefererResult
+	sendOpt := &sendOptions{
+		baseURL: s.client.BaseURL.BucketURL,
+		uri:     "/?referer",
+		method:  http.MethodGet,
+		result:  &res,
+	}
+	resp, err := s.client.send(ctx, sendOpt)
+	return &res, resp, err
+}
diff --git a/bucket_referer_test.go b/bucket_referer_test.go
new file mode 100644
index 0000000..b648e37
--- /dev/null
+++ b/bucket_referer_test.go
@@ -0,0 +1,88 @@
+package cos
+
+import (
+	"context"
+	"encoding/xml"
+	"fmt"
+	"net/http"
+	"reflect"
+	"testing"
+)
+
+func TestBucketService_GetReferer(t *testing.T) {
+	setup()
+	defer teardown()
+
+	mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
+		testMethod(t, r, "GET")
+		vs := values{
+			"referer": "",
+		}
+		testFormValues(t, r, vs)
+		fmt.Fprint(w, `<RefererConfiguration>
+    <Status>Enabled</Status>
+    <RefererType>White-List</RefererType>
+    <DomainList>
+        <Domain>*.qq.com</Domain>
+        <Domain>*.qcloud.com</Domain>
+    </DomainList>
+    <EmptyReferConfiguration>Allow</EmptyReferConfiguration>
+</RefererConfiguration>`)
+	})
+
+	res, _, err := client.Bucket.GetReferer(context.Background())
+	if err != nil {
+		t.Fatalf("Bucket.GetReferer returned error %v", err)
+	}
+
+	want := &BucketGetRefererResult{
+		XMLName:     xml.Name{Local: "RefererConfiguration"},
+		Status:      "Enabled",
+		RefererType: "White-List",
+		DomainList: []string{
+			"*.qq.com",
+			"*.qcloud.com",
+		},
+		EmptyReferConfiguration: "Allow",
+	}
+
+	if !reflect.DeepEqual(res, want) {
+		t.Errorf("Bucket.GetReferer returned %+v, want %+v", res, want)
+	}
+}
+
+func TestBucketService_PutReferer(t *testing.T) {
+	setup()
+	defer teardown()
+
+	opt := &BucketPutRefererOptions{
+		Status:      "Enabled",
+		RefererType: "White-List",
+		DomainList: []string{
+			"*.qq.com",
+			"*.qcloud.com",
+		},
+		EmptyReferConfiguration: "Allow",
+	}
+
+	mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
+		testMethod(t, r, "PUT")
+		vs := values{
+			"referer": "",
+		}
+		testFormValues(t, r, vs)
+
+		body := new(BucketPutRefererOptions)
+		xml.NewDecoder(r.Body).Decode(body)
+		want := opt
+		want.XMLName = xml.Name{Local: "RefererConfiguration"}
+		if !reflect.DeepEqual(body, want) {
+			t.Errorf("Bucket.PutReferer request\n body: %+v\nwant %+v\n", body, want)
+		}
+	})
+
+	_, err := client.Bucket.PutReferer(context.Background(), opt)
+	if err != nil {
+		t.Fatalf("Bucket.PutReferer returned error: %v", err)
+	}
+}
diff --git a/cos.go b/cos.go
index 132e128..ac005f8 100644
--- a/cos.go
+++ b/cos.go
@@ -21,7 +21,7 @@ import (
 
 const (
 	// Version current go sdk version
-	Version               = "0.7.3"
+	Version               = "0.7.4"
 	userAgent             = "cos-go-sdk-v5/" + Version
 	contentTypeXML        = "application/xml"
 	defaultServiceBaseURL = "http://service.cos.myqcloud.com"
diff --git a/costesting/ci_test.go b/costesting/ci_test.go
index 01d5006..38a8ffa 100644
--- a/costesting/ci_test.go
+++ b/costesting/ci_test.go
@@ -802,6 +802,7 @@ func (s *CosTestSuite) TestBatch() {
 	assert.Equal(s.T(), res3.JobId, jobid, "jobid failed")
 	assert.Equal(s.T(), res3.Priority, 3, "priority not right")
 
+	// 等待状态变成Suspended
 	for i := 0; i < 10; i = i + 1 {
 		res, _, err := client.Batch.DescribeJob(context.Background(), jobid, headers)
 		assert.Nil(s.T(), err, "describe job Failed")
@@ -830,6 +831,46 @@ func (s *CosTestSuite) TestBatch() {
 	assert.Equal(s.T(), res4.StatusUpdateReason, "to test", "StatusUpdateReason failed")
 }
 
+func (s *CosTestSuite) TestEncryption() {
+	opt := &cos.BucketPutEncryptionOptions{
+		Rule: &cos.BucketEncryptionConfiguration{
+			SSEAlgorithm: "AES256",
+		},
+	}
+
+	_, err := s.Client.Bucket.PutEncryption(context.Background(), opt)
+	assert.Nil(s.T(), err, "PutEncryption Failed")
+
+	res, _, err := s.Client.Bucket.GetEncryption(context.Background())
+	assert.Nil(s.T(), err, "GetEncryption Failed")
+	assert.Equal(s.T(), opt.Rule.SSEAlgorithm, res.Rule.SSEAlgorithm, "GetEncryption Failed")
+
+	_, err = s.Client.Bucket.DeleteEncryption(context.Background())
+	assert.Nil(s.T(), err, "DeleteEncryption Failed")
+}
+
+func (s *CosTestSuite) TestReferer() {
+	opt := &cos.BucketPutRefererOptions{
+		Status:      "Enabled",
+		RefererType: "White-List",
+		DomainList: []string{
+			"*.qq.com",
+			"*.qcloud.com",
+		},
+		EmptyReferConfiguration: "Allow",
+	}
+
+	_, err := s.Client.Bucket.PutReferer(context.Background(), opt)
+	assert.Nil(s.T(), err, "PutReferer Failed")
+
+	res, _, err := s.Client.Bucket.GetReferer(context.Background())
+	assert.Nil(s.T(), err, "GetReferer Failed")
+	assert.Equal(s.T(), opt.Status, res.Status, "GetReferer Failed")
+	assert.Equal(s.T(), opt.RefererType, res.RefererType, "GetReferer Failed")
+	assert.Equal(s.T(), opt.DomainList, res.DomainList, "GetReferer Failed")
+	assert.Equal(s.T(), opt.EmptyReferConfiguration, res.EmptyReferConfiguration, "GetReferer Failed")
+}
+
 // End of api test
 
 // All methods that begin with "Test" are run as tests within a
diff --git a/example/bucket/encryption.go b/example/bucket/encryption.go
new file mode 100644
index 0000000..addeee4
--- /dev/null
+++ b/example/bucket/encryption.go
@@ -0,0 +1,68 @@
+package main
+
+import (
+	"context"
+	"encoding/xml"
+	"fmt"
+	"net/http"
+	"net/url"
+	"os"
+
+	"github.com/tencentyun/cos-go-sdk-v5"
+	"github.com/tencentyun/cos-go-sdk-v5/debug"
+)
+
+func log_status(err error) {
+	if err == nil {
+		return
+	}
+	if cos.IsNotFoundError(err) {
+		// WARN
+		fmt.Println("Resource is not existed")
+	} else if e, ok := cos.IsCOSError(err); ok {
+		fmt.Printf("Code: %v\n", e.Code)
+		fmt.Printf("Message: %v\n", e.Message)
+		fmt.Printf("Resource: %v\n", e.Resource)
+		fmt.Printf("RequestId: %v\n", e.RequestID)
+		// ERROR
+	} else {
+		fmt.Println(err)
+		// ERROR
+	}
+}
+
+func main() {
+	u, _ := url.Parse("https://test-1259654469.cos.ap-guangzhou.myqcloud.com")
+	b := &cos.BaseURL{
+		BucketURL: u,
+	}
+	c := cos.NewClient(b, &http.Client{
+		Transport: &cos.AuthorizationTransport{
+			SecretID:  os.Getenv("COS_SECRETID"),
+			SecretKey: os.Getenv("COS_SECRETKEY"),
+			Transport: &debug.DebugRequestTransport{
+				RequestHeader:  true,
+				RequestBody:    true,
+				ResponseHeader: true,
+				ResponseBody:   true,
+			},
+		},
+	})
+
+	opt := &cos.BucketPutEncryptionOptions{
+		XMLName: xml.Name{Local: "ServerSideEncryptionConfiguration"},
+		Rule: &cos.BucketEncryptionConfiguration{
+			SSEAlgorithm: "AES256",
+		},
+	}
+
+	_, err := c.Bucket.PutEncryption(context.Background(), opt)
+	log_status(err)
+
+	res, _, err := c.Bucket.GetEncryption(context.Background())
+	log_status(err)
+	fmt.Printf("%+v\n", res)
+
+	_, err = c.Bucket.DeleteEncryption(context.Background())
+	log_status(err)
+}
diff --git a/example/bucket/referer.go b/example/bucket/referer.go
new file mode 100644
index 0000000..8820505
--- /dev/null
+++ b/example/bucket/referer.go
@@ -0,0 +1,67 @@
+package main
+
+import (
+	"context"
+	"fmt"
+	"net/http"
+	"net/url"
+	"os"
+
+	"github.com/tencentyun/cos-go-sdk-v5"
+	"github.com/tencentyun/cos-go-sdk-v5/debug"
+)
+
+func log_status(err error) {
+	if err == nil {
+		return
+	}
+	if cos.IsNotFoundError(err) {
+		// WARN
+		fmt.Println("Resource is not existed")
+	} else if e, ok := cos.IsCOSError(err); ok {
+		fmt.Printf("Code: %v\n", e.Code)
+		fmt.Printf("Message: %v\n", e.Message)
+		fmt.Printf("Resource: %v\n", e.Resource)
+		fmt.Printf("RequestId: %v\n", e.RequestID)
+		// ERROR
+	} else {
+		fmt.Println(err)
+		// ERROR
+	}
+}
+
+func main() {
+	u, _ := url.Parse("https://test-1259654469.cos.ap-guangzhou.myqcloud.com")
+	b := &cos.BaseURL{
+		BucketURL: u,
+	}
+	c := cos.NewClient(b, &http.Client{
+		Transport: &cos.AuthorizationTransport{
+			SecretID:  os.Getenv("COS_SECRETID"),
+			SecretKey: os.Getenv("COS_SECRETKEY"),
+			Transport: &debug.DebugRequestTransport{
+				RequestHeader:  true,
+				RequestBody:    true,
+				ResponseHeader: true,
+				ResponseBody:   true,
+			},
+		},
+	})
+
+	opt := &cos.BucketPutRefererOptions{
+		Status:      "Enabled",
+		RefererType: "White-List",
+		DomainList: []string{
+			"*.qq.com",
+			"*.qcloud.com",
+		},
+		EmptyReferConfiguration: "Allow",
+	}
+
+	_, err := c.Bucket.PutReferer(context.Background(), opt)
+	log_status(err)
+
+	res, _, err := c.Bucket.GetReferer(context.Background())
+	log_status(err)
+	fmt.Printf("%+v\n", res)
+}