音频文件从Amazon S3的prevent直接下载 [英] Prevent direct download of audio files from amazon s3

问题描述

我已经存放在Amazon S3的音频文件，这是从一个基于Web的音乐播放器应用程序访问，也从移动应用程序。即使在非签约用户应该能够访问音乐。但是我不希望人们使用的链接来下载内容。可以在S3可能？

I have audio files stored at Amazon S3 which are accessed from a web based music player app and also from mobile apps. Even non signed in users should be able to access the music. However i dont want people to use the link to download the content. Can this be accomplished in s3 ?

感谢您

推荐答案

您可以根据HTTP引用限制访问。这不是刀枪不入（推荐人可以欺骗），但它会停止随意下载。

You can restrict access based on the HTTP referrer. It's not bulletproof (Referrer can be spoofed) but it will stop casual downloads.

您使用的水桶政策，限制可能的值推荐人。

You use a bucket policy to restrict the possible values for Referrer.

还有这个页面上的一个例子（向下滚动位）的http://docs.aws.amazon.com/AmazonS3/latest/dev/AccessPolicyLanguage_UseCases_s3_a.html

There's an example on this page (scroll down a bit) http://docs.aws.amazon.com/AmazonS3/latest/dev/AccessPolicyLanguage_UseCases_s3_a.html

下面是他们的例子：

{
  "Version":"2008-10-17",
  "Id":"http referer policy example",
  "Statement":[
    {
      "Sid":"Allow get requests originated from www.example.com and example.com",
      "Effect":"Allow",
      "Principal":"*",
      "Action":"s3:GetObject",
      "Resource":"arn:aws:s3:::examplebucket/*",
      "Condition":{
        "StringLike":{
          "aws:Referer":[
            "http://www.example.com/*",
            "http://example.com/*"
          ]
        }
      }
    }
  ]
}

您也可以做到这一点到期签署网址 - 这将阻止更多的人链接到其他网站的内容

You could also do signed URLs that expire - that would stop people from LINKING to your content from other site.

这篇关于音频文件从Amazon S3的prevent直接下载的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！