IMG标签采购AWS S3失败-CORB吗? [英] IMG tag sourcing AWS S3 fails - CORB?
问题描述
我想将Web项目的图像托管在AWS存储桶中,然后在呈现HTML时动态拉出它们.这给我带来了比我预想的更多的麻烦.
I want to host images for a web project on an AWS bucket, then dynamically pull them as the HTML is rendered. This is giving me a lot more trouble than I anticipated.
这是令人讨厌的标签:
<img src="https://s3.us-east-2.amazonaws.com/ibidnyc/Summer Smith/VERBAL/subsections/Summer-Smith-VERBAL-subtopic-POETRY-fig.jpg" alt="">
执行此操作时,出现跨域读取阻止(CORB)错误(在检查器中;我正在运行Chrome)-显然,Chrome在某些情况下会阻止链接到其他网站上的img源?游标搜索将我带到这里( zyst. io/how-to-fix-aws-s3-chrome-and-safari-cors-on-images ),但我不知道如何应用它.另外,本文针对的是CORS,而不是CORB(我认为是较新的?).
When I do this, I get a Cross-Origin Read Blocking (CORB) error (in the inspector; I'm running Chrome) - apparently, Chrome prevents linking to img sources on other websites in some cases? Cursory searches brought me here (zyst.io/how-to-fix-aws-s3-chrome-and-safari-cors-on-images) but I don't know how to apply it. Also, the article addresses CORS, not CORB (which I think is newer?).
推荐答案
结果证明@Brad是正确的.当我将存储桶实例化为公共时,上传到该存储桶的单个图像仍然是私有的.
Turns out @Brad was right. While I had instantiated the bucket as public, individual images uploaded to said bucket were still private.
将存储桶策略更改为该策略很成功(感谢 h3xed.com!):
Changing the bucket policy to this one did the trick (thanks h3xed.com!):
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "PublicReadGetObject",
"Action": "s3:GetObject",
"Effect": "Allow",
"Resource": "arn:aws:s3:::[bucket_name_here]/*",
"Principal": "*"
}
]
}
Bucket policy editing explained here.
感谢所有贡献者!
这篇关于IMG标签采购AWS S3失败-CORB吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!