S3主机/查询字符串认证打破了额外的参数 [英] S3 Hosting/Query String Authentication broken with extra parameters

问题描述

我有一个Django的项目设置与S3作为静态文件的主机。

settings.py

  AWS_STORAG​​E_BUCKET_NAME =项目1
康恩= boto.connect_s3（）
STATICFILES_STORAG​​E ='storages.backends.s3boto.S3BotoStorage
S3_URL ='http://project-1.s3.amazonaws.com/
STATIC_URL = S3_URL
 

然后我让使用模板标记引用在我的模板静态文件，像这样：

 ＆LT;脚本的src ={％静态JS / jquery.payment.js％}＆GT;＆LT; / SCRIPT＆GT;
 

这使得在浏览器中正确里面，但是URL对他们3其他参数，签名，过期，和 AWSAccessKeyId 。后两者不具有对文件的任何影响，但在InvalidAccessKeyId错误渲染签名值会导致访问文件，并显示消息的AWS访问密钥ID您设在我们的记录不存在。

手动带走了签名参数让我访问该文件的罚款。带走所有三个参数是好的。带走的后两个参数的结果无论是在一个错误：查询字符串身份验证要求签名，过期和AWSAccessKeyId参数

<一个href="http://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html#RESTAuthenticationQueryStringAuth"相对=nofollow> Amazon的S3文档显示，查询字符串身份验证用于允许您访问，你通常需要身份验证的文件，并且该过期参数不，因为我认为这是，相关的缓存。由于看来，这些文件不需要任何身份验证（即我可以访问时没有URL参数present），我需要帮助的：

1. 在制作staticfiles /博托不是我的网址迫使这些参数
2. 在制作staticfiles /博托获得有效的签名值

解决方案

设置 AWS_QUERYSTRING_AUTH =假。

I have a Django project setup with S3 as the static file host.

settings.py

AWS_STORAGE_BUCKET_NAME = 'project-1'
conn = boto.connect_s3()
STATICFILES_STORAGE = 'storages.backends.s3boto.S3BotoStorage'
S3_URL = 'http://project-1.s3.amazonaws.com/'
STATIC_URL = S3_URL

And then I make references to static files in my templates using the template tag, like so:

<script src="{% static 'js/jquery.payment.js' %}"></script>

This renders correctly inside the browser, but the URL has 3 other parameters on them, Signature, Expires, and AWSAccessKeyId. The latter two do not have any affect on the file, but accessing the file with the rendered Signature value results in an InvalidAccessKeyId error, with the message "The AWS Access Key Id you provided does not exist in our records."

Manually taking away the Signature parameter lets me access the file fine. Taking away all three parameters is fine. Taking away either of the latter two parameters results in an error: "Query-string authentication requires the Signature, Expires and AWSAccessKeyId parameters".

Amazon's S3 documentation reveals that query string authentication is used to allow you access to files that you would normally need authentication to, and that the Expires parameter is not, as I thought it was, related to caching. Since it appears that these files don't require any authentication (i.e. I can access them when no URL parameters are present), I need help either:

1. making staticfiles/boto not force these parameters on my urls
2. making staticfiles/boto obtain a valid Signature value

解决方案

Set AWS_QUERYSTRING_AUTH = False.

这篇关于S3主机/查询字符串认证打破了额外的参数的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！