Getting S3 CORS Access-Control-Allow-Origin to dynamically echo the requesting domain

2023-09-11 08:32:16 Author: 失心

How can I set the S3 CORS AllowedOrigin configuration such that it dynamically echoes the requesting domain in the Access-Control-Allow-Origin header?

In the post, "CORS with CloudFront, S3, and Multiple Domains", it is suggested that setting AllowedOrigin to <AllowedOrigin>*</AllowedOrigin> does this. However, S3 returns Access-Control-Allow-Origin: * instead.

Access-Control-Allow-Origin: * does not work in my case, as I am using image.crossOrigin = "use-credentials" in a JavaScript app. With this option, S3 returns Access-Control-Allow-Credentials: true. Cross-origin access to the image then fails because using a wildcard as the allowed origin in conjunction with credentials is not permitted.

Background for why this is needed:

In my setup, access to images on S3 has to go through our domain, where authentication is required to restrict access and check if an account is authorized to access the images. If it is, the server returns a 302 redirect to an S3 URL.

For the authentication to work, image.crossOrigin = "use-credentials" has to be set so that the request hits my server with the required credentials. (Incidentally, when I tested on Firefox 30.0 and Chrome 35.0.1916.153, if crossOrigin is set to anonymous, credentials are still sent, but not on Safari 7.0.4. Consistent cross-browser behavior could only be obtained using use-credentials.)

Because browsers transparently follow the redirect to the S3 URL, credentials are also sent.
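Added example (not code from the question or from AWS): a small Python model of the two checks that interact here, S3's AllowedOrigin matching and the browser's credentialed-CORS rule, using constructed rules and origins. It assumes S3 returns a bare `*` rule literally while an exact match or a single-wildcard pattern such as `https://*.example.com` echoes the matching Origin.

```python
import re
from typing import Optional

# Constructed sample rules and origins; not the asker's real bucket config.
ASKER_RULES = ["*"]                           # the config from the post
OWN_DOMAIN_RULES = ["https://*.example.com"]  # single-wildcard pattern
APP_ORIGIN = "https://app.example.com"


def s3_allow_origin(allowed_origins: list[str], origin: str) -> Optional[str]:
    """Model the Access-Control-Allow-Origin value S3 sends for a request.

    Assumed S3 behaviour: a bare "*" rule is returned literally, while an
    exact match or a pattern with at most one "*" echoes the request Origin.
    With no matching rule S3 adds no CORS headers at all (modelled as None).
    Keep patterns scoped to your own domains: a pattern such as "https://*"
    would echo (and thus grant credentialed access to) every origin.
    """
    for rule in allowed_origins:
        if rule == "*":
            return "*"
        if rule.count("*") > 1:
            continue  # more than one wildcard is not a valid S3 rule
        pattern = "^" + re.escape(rule).replace(r"\*", ".*") + "$"
        if re.match(pattern, origin):
            return origin
    return None


def browser_accepts(acao: Optional[str], acac: Optional[str],
                    origin: str, with_credentials: bool) -> bool:
    """Browser-side CORS response check (Fetch spec semantics).

    For a credentialed request (image.crossOrigin = "use-credentials") the
    browser rejects a wildcard ACAO and requires ACAC: true; for an
    anonymous request "*" or an exact Origin match is enough.
    """
    if acao is None:
        return False
    if not with_credentials:
        return acao == "*" or acao == origin
    return acao == origin and acac == "true"


def image_loads(allowed_origins: list[str], origin: str, with_credentials: bool) -> bool:
    """End-to-end: does the cross-origin image load under these CORS rules?"""
    acao = s3_allow_origin(allowed_origins, origin)
    # The post reports S3 sending Access-Control-Allow-Credentials: true
    # whenever a rule matches; constructed here to mirror that observation.
    acac = "true" if acao is not None else None
    return browser_accepts(acao, acac, origin, with_credentials)
```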

Recommended answer

The AWS CORS documentation does not cover this, but I managed to, in the