Amazon S3是否需要时间来更新CORS设置？多久？ [英] Does Amazon S3 need time to update CORS settings? How long?

问题描述

最近，我启用了Amazon S3 + CloudFront作为我的Rails应用程序的CDN。为了使用字体资产并在Firefox或IE中显示它们，我必须在S3存储桶中启用CORS。

Recently I enabled Amazon S3 + CloudFront to serve as CDN for my rails application. In order to use font assets and display them in Firefox or IE, I have to enable CORS on my S3 bucket.

<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
    <CORSRule>
        <AllowedOrigin>*</AllowedOrigin>
        <AllowedMethod>GET</AllowedMethod>
        <AllowedMethod>POST</AllowedMethod>
        <AllowedMethod>PUT</AllowedMethod>
        <MaxAgeSeconds>3000</MaxAgeSeconds>
        <AllowedHeader>*</AllowedHeader>
    </CORSRule>
</CORSConfiguration>

然后我使用 curl -I https：// small-read-staging -assets.s3.amazonaws.com/staging/assets/settings_settings-312b7230872a71a534812e770ec299bb.js.gz ，我得到：

HTTP/1.1 200 OK
x-amz-id-2: Ovs0D578kzW1J72ej0duCi17lnw+wZryGeTw722V2XOteXOC4RoThU8t+NcXksCb
x-amz-request-id: 52E934392E32679A
Date: Tue, 04 Jun 2013 02:34:50 GMT
Cache-Control: public, max-age=31557600
Content-Encoding: gzip
Expires: Wed, 04 Jun 2014 08:16:26 GMT
Last-Modified: Tue, 04 Jun 2013 02:16:26 GMT
ETag: "723791e0c993b691c442970e9718d001"
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 39140
Server: AmazonS3

我应该看到 访问控制允许来源 在哪里？ S3是否需要时间来更新CORS设置？

Should I see 'Access-Control-Allow-Origin' some where? Does S3 take time to update CORS settings? Can I force expiring headers if its caching them?

推荐答案

尝试发送Origin报头：

Try sending the Origin header:

$ curl -v -H "Origin: http://example.com" -X GET https://small-read-staging-assets.s3.amazonaws.com/staging/assets/settings_settings-312b7230872a71a534812e770ec299bb.js.gz > /dev/null

然后输出将显示您要查找的CORS响应标头：

The output should then show the CORS response headers you are looking for:

< Access-Control-Allow-Origin: http://example.com
< Access-Control-Allow-Methods: GET
< Access-Control-Allow-Credentials: true
< Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

其他信息有关如何使用cURL调试CORS请求的信息，请参见：
如何使用cURL调试CORS请求？

Additional information about how to debug CORS requests with cURL can be found here: How can you debug a CORS request with cURL?

请注意，有不同类型的CORS请求（简单和预检），关于可以在此处找到不同之处：
http://www.html5rocks.com/cn / tutorials / cors /

Note that there are different types of CORS requests (simple and preflight), a nice tutorial about the differences can be found here: http://www.html5rocks.com/en/tutorials/cors/

希望这会有所帮助！

这篇关于Amazon S3是否需要时间来更新CORS设置？多久？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！