Does Amazon S3 need time to update CORS settings? How long?

后端 未结 4 1110
余生分开走
余生分开走 2021-01-02 02:12

Recently I enabled Amazon S3 + CloudFront to serve as CDN for my rails application. In order to use font assets and display them in Firefox or IE, I have to enable CORS on m

相关标签:
4条回答
  • 2021-01-02 02:19

    To answer the actual question in the title:

    No, S3 does not seem to take any time to propagate the CORS settings. (as of 2019)

    However, if you're using Chrome (and maybe others), then CORS settings may be cached by the browser so you won't necessarily see the changes you expect if you just do an ordinary browser refresh. Instead right click on the refresh button and choose "Empty Cache and Hard Reload" (as of Chrome 73). Then the new CORS settings will take effect within <~5 seconds of making the change in the AWS console. (It may be much faster than that. Haven't tested.) This applies to a plain S3 bucket. I don't know how CloudFront affects things.

    (I realize this question is 6 years old and may have involved additional technical issues that other people have long since answered, but when you search for the simple question of propagation times for CORS changes, this question is what pops up first, so I think it deserves an answer that addresses that.)

    0 讨论(0)
  • 2021-01-02 02:25

    Try these:

    1. Try to scope-down the domain names you want to allow access to. S3 doesn't like *.
    2. CloudFront + S3 doesn't handle the CORS configuration correctly out of the box. A kludge is to append a query string containing the name of the referring domain, and explicitly enable support for query strings in your CloudFront distribution settings.
    0 讨论(0)
  • 2021-01-02 02:32

    You have a few problems with the way you test CORS.

    1. Your CORS configuration does not have a HEAD method.
    2. Your curl command does not have -H header.

    I am able to get your data by using curl like following. However they dumped garbage on my screen because your data is compressed binary.

    curl --request GET  https://small-read-staging-assets.s3.amazonaws.com/staging/assets/settings_settings-312b7230872a71a534812e770ec299bb.js.gz -H "http://google.com"
    
    0 讨论(0)
  • 2021-01-02 02:33

    Try sending the Origin header:

    $ curl -v -H "Origin: http://example.com" -X GET https://small-read-staging-assets.s3.amazonaws.com/staging/assets/settings_settings-312b7230872a71a534812e770ec299bb.js.gz > /dev/null
    

    The output should then show the CORS response headers you are looking for:

    < Access-Control-Allow-Origin: http://example.com
    < Access-Control-Allow-Methods: GET
    < Access-Control-Allow-Credentials: true
    < Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
    

    Additional information about how to debug CORS requests with cURL can be found here: How can you debug a CORS request with cURL?

    Note that there are different types of CORS requests (simple and preflight), a nice tutorial about the differences can be found here: http://www.html5rocks.com/en/tutorials/cors/

    Hope this helps!

    0 讨论(0)
提交回复
热议问题