Amazon S3 Bucket Policy Referer

后端未结

关注

 2  1605

I\'m trying to edit my S3 bucket configuration such that 3rd party sites can not link to content in it. Also an added benefit is that they can only access content from my do

相关标签:

2条回答

日久生厌

2021-01-03 04:19

Do you have logging enabled for your bucket?

If you do, you could check the logs to verify that a referer is getting logged along with those 403 Access Denied messages and that it's what you expect. If it isn't, then the problem isn't with the bucket configuration -- it's a question of why the referer isn't being sent by the browser.

If you don't have logging enabled, then enable logging.

Also an added benefit is that they can only access content from my domain rather than the supplementary s3bucket.amazon-east.amazonaws.com or something to that effect.

What makes you think this would be true?

0 讨论(0)
发布评论:

提交评论
- 加载中...
盖世英雄少女心

2021-01-03 04:31
Its important to note that if your referer includes /* on the end then it will only allow content from children of that referer, but not from that referer itself.

So if you want to include your main domain as well, then you would need to do it like this:
```
                "aws:Referer": [
                    "http://example.com",
                    "http://example.com/*",
                    "http://www.example.com",
                    "http://www.example.com/*"
                ]
```
0 讨论(0)
发布评论:

提交评论
- 加载中...