Dai*_*wei 11 amazon-s3 font-face cors amazon-cloudfront ruby-on-rails-3.2
最近我启用了Amazon S3 + CloudFront作为我的rails应用程序的CDN.为了使用字体资源并在Firefox或IE中显示它们,我必须在我的S3存储桶上启用CORS.
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>*</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<AllowedMethod>POST</AllowedMethod>
<AllowedMethod>PUT</AllowedMethod>
<MaxAgeSeconds>3000</MaxAgeSeconds>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>
然后我用了curl -I https://small-read-staging-assets.s3.amazonaws.com/staging/assets/settings_settings-312b7230872a71a534812e770ec299bb.js.gz,我得到了:
HTTP/1.1 200 OK
x-amz-id-2: Ovs0D578kzW1J72ej0duCi17lnw+wZryGeTw722V2XOteXOC4RoThU8t+NcXksCb
x-amz-request-id: 52E934392E32679A
Date: Tue, 04 Jun 2013 02:34:50 GMT
Cache-Control: public, max-age=31557600
Content-Encoding: gzip
Expires: Wed, 04 Jun 2014 08:16:26 GMT
Last-Modified: Tue, 04 Jun 2013 02:16:26 GMT
ETag: "723791e0c993b691c442970e9718d001"
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 39140
Server: AmazonS3
我应该看看'Access-Control-Allow-Origin'哪里?S3是否需要时间来更新CORS设置?如果缓存它们,我可以强制过期标头吗?
小智 7
尝试发送Origin标头:
$ curl -v -H "Origin: http://example.com" -X GET https://small-read-staging-assets.s3.amazonaws.com/staging/assets/settings_settings-312b7230872a71a534812e770ec299bb.js.gz > /dev/null
然后输出应显示您正在寻找的CORS响应头:
< Access-Control-Allow-Origin: http://example.com
< Access-Control-Allow-Methods: GET
< Access-Control-Allow-Credentials: true
< Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
有关如何使用cURL调试CORS请求的其他信息,请参见: 如何使用cURL调试CORS请求?
请注意,有不同类型的CORS请求(简单和预检),可以在此处找到有关差异的精彩教程:http: //www.html5rocks.com/en/tutorials/cors/
希望这可以帮助!