我正在尝试将签名的可恢复上传执行到 GCS。我们的前端在初始请求上遇到了 CORS 限制:
Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
响应头不显示 CORS 头:
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 13 Nov 2018 20:28:32 GMT
expires: Tue, 13 Nov 2018 20:28:32 GMT
server: UploadServer
status: 200
x-guploader-uploadid: AEnB2Ups1tKbTbhPmsjrPXbIuIUyQt135AlSJ1n7-7XTwMrtQ2vUvn1WwpX3a_iusfmsXHaufdf5B3H2PzmDONs2wW7tKkLarYoxrVyWalhaX6FzGQPoRW0
调试时,我发送了一个 curl 请求来模仿我们前端的请求:
curl -H "Access-Control-Request-Headers: content-type,x-goog-resumable" \
-H "Access-Control-Request-Method: POST" \
-H "Origin: https://www.example.com" \
-X OPTIONS -I …
In order to keep the uploaded media (S3 objects) private for all the clients on my multi-tenant system I implemented a Cloudfront CDN deployment and configured it (and its Origin S3 Bucket) to force the use of signed URLs in order to GET any of the objects.
First, the user is authenticated via my system, and then a signed URL is generated and returned to them using the AWS.CloudFront.Signer.getSignedUrl() method provided by the AWS JS SDK …
amazon-s3 amazon-web-services amazon-cloudfront pre-signed-url
我正在尝试使用签名 URL 从前端通过 fetch 上传到 GCP,但遇到了持续存在的 CORS 问题。
要上传的文件是否应该嵌入到signedurl中,或者发送到请求正文中的signedurl?
这是错误:
Access to fetch at <signedurl> from origin 'http://my.domain.com:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
这是存储桶上的 CORS 配置:
[
{
"origin": ["http://gcs.wuddit.com:3000"],
"responseHeader": ["Content-Type", "Authorization", "Content-Length", "User-Agent", "x-goog-resumable", "Access-Control-Allow-Origin"],
"method": ["GET", "POST", "PUT", "DELETE"],
"maxAgeSeconds": 3600
}
]
这是获取调用:
const uploadHandler = async (theFile, signedUrl) => {
try {
const response …cors preflight pre-signed-url google-cloud-platform fetch-api
我想使用预先签名的URL将文件从iOS App上传到AWS S3存储桶.URL是正确的,因为它在命令行上使用curl.
curl -v -k --upload-file FILENAME "https://MYBUCKET.amazonaws.com:443/KEYNAME?Signature=...&Expires=1391691489&AWSAccessKeyId=..."
使用以下Objective-C代码......
- (void)upload:(NSString *)url fileData:(NSData *)fileData
{
NSMutableURLRequest *request = [[NSMutableURLRequest alloc] init];
[request setURL:[NSURL URLWithString:url]];
[request setHTTPMethod:@"PUT"];
[request setHTTPBody:fileData];
[request setValue:[NSString stringWithFormat:@"%d", [fileData length]] forHTTPHeaderField:@"Content-Length"];
[request setValue:@"audio/mpeg" forHTTPHeaderField:@"Content-Type"];
[request setValue:@"public-read" forHTTPHeaderField:@"x-amz-acl"];
[request setValue:@"iPhone-OS/6.0 fr_FR NE" forHTTPHeaderField:@"User-Agent"];
_connection = [NSURLConnection connectionWithRequest:request delegate:self];
[_connection start];
}
...我收到此错误:
Error Domain=NSURLErrorDomain Code=-1001 "The request timed out." UserInfo=0x9c49560 {NSErrorFailingURLStringKey=https://MYBUCKET.s3.amazonaws.com:443/KEYNAME?Signature=...&Expires=1391703958&AWSAccessKeyId=..., NSErrorFailingURLKey=https://MYBUCKET.amazonaws.com:443/KEYNAME?Signature=...&Expires=1391703958&AWSAccessKeyId=..., NSLocalizedDescription=The request timed out., NSUnderlyingError=0x9c48c80 "The request timed out."}
我使用WireShark查看是否有任何流量,并且有很多流量.
我不知道我的代码有什么问题.似乎文件传输没有正确终止.
objective-c amazon-s3 amazon-web-services ios pre-signed-url
如果我生成的Presigned URL已过期,我应该get_headers()(在PHP中)查看是否403 Forbidden抛出错误,否则使用相同的URL?或者这是一个坏主意,因为这是一个不必要的GET请求?我是否应该每次只重新生成一个新的Presigned URL?我有点困惑,因为似乎没有太多关于此的信息.
我正在使用Node来获取S3的presignedRUL以便将图像放入S3存储桶。
var aws = require('aws-sdk');
// Request presigned URL from S3
exports.S3presignedURL = function (req, res) {
var s3 = new aws.S3();
var params = {
Bucket: process.env.S3_BUCKET,
Key: '123456', //TODO: creat unique S3 key
//ACL:'public-read',
ContentType: req.body['Content-Type'], //'image/jpg'
};
s3.getSignedUrl('putObject', params, function(err, url) {
if(err) console.log(err);
res.json({url: url});
});
};
这将成功检索以下形式的预签名网址:
回到客户端(Web应用程序),我使用angular来生成HTTP请求。我曾经用过$ http和ngFileUpload,但都缺少类似的成功。这是我的ngFileUpload代码。
Upload.upload({
url: responce.data.url, //S3 upload url including bucket name
method: 'PUT',
'Content-Type': file.type, //I …amazon-s3 http-status-code-403 angularjs pre-signed-url ng-file-upload
我为我的用户生成了与此类似的 url,以便从我的 aws s3 存储桶中检索图像文件:
有时,用户可能会刷新页面,同一资源的 url 会为Expires和获取一组新值Signature。
浏览器会将这两个 url 视为不同的两个对象,并会再次尝试从 s3 存储桶下载资源。
它会导致一些性能问题。是否有可能让浏览器意识到这样一个事实:尽管 url 的参数部分存在差异,但用户正在尝试检索相同的资源并因此从其本地缓存中检索它?
我生成的服务器端与以下参数预先签署的URL请求GeneratePresignedUrlRequest:bucket,key,expiration = in 1 hour和method = PUT.
在我的Angular应用程序中,我使用ng-file-upload上传文件
Upload.http({
url: $scope.signedUrl,
method: "PUT",
headers : {
'Content-Type': $scope.file.type
},
data: $scope.file
});
问题是我总是有一个403响应,除非我设置文件的类型GeneratePresignedUrlRequest.contentType.
问题是,我不能提前预知的用户会选择什么类型的文件(image/png,image/jpeg,text/plain...).
如何生成接受各种类型的预签名网址content-type?我尝试将其设置为null,它一直发送403错误.
谢谢.
以下是我正在做的事情。我正在使用自定义域为我的非公开 s3 存储桶资源生成预签名 URL。
https://files.customdomain.com/file123?AWSAccessKeyId=XXX&Expires=1541220685&Signature=XXXX
另外,为了添加证书,我为具有以下原始设置的存储桶创建了一个 Cloudfront 发行版
源域名:bucket-name.s3.amazonaws.com 源 ID:s3.bucket-name 限制存储桶访问:否
但我无法访问我的资源。抛出访问被拒绝错误。任何帮助,将不胜感激。
amazon-s3 amazon-web-services amazon-cloudfront pre-signed-url aws-sdk
我正在开发一项功能,使用 Angular/presigned url 和 API Gateway/Lambda 将文件上传到 S3,以生成预签名 url。
我的工作流程描述如下:
const body = { fileName: this.selectedFile.name } const preSignedUrl = await this.http.post('https://xxxxx.execute-api.eu-west-1.amazonaws.com/dev/v1/profile/avatar ', body).toPromise();
后端
我正在使用无服务器(Lambda/API 网关)来计算 presignedUrl。
拉姆达
const AWS = require('aws-sdk')
module.exports.uploadLargeFile = async (event) => {
console.log('1. Event: ', event.body);
const reqBodyAsString = event.body || '{}';
const fileName = JSON.parse(reqBodyAsString).fileName;
return getUploadURL(fileName);
}
const getUploadURL = async (fileName) => {
const s3Params = {
Bucket: process.env.AVATAR_BUCKET,
Expires: 60 …file-upload amazon-s3 amazon-web-services pre-signed-url angular
pre-signed-url ×10
amazon-s3 ×8
angularjs ×2
cors ×2
angular ×1
aws-sdk ×1
fetch-api ×1
file-upload ×1
ios ×1
objective-c ×1
php ×1
preflight ×1