Google云端存储:CORS设置不适用于签名网址 [英] Google Cloud Storage: CORS settings doesn't work for signed URLs
问题描述
带有签名URL的PUT
请求的响应不包含标头Access-Control-Allow-Origin
.
The response of PUT
request with signed URL doesn't contain header Access-Control-Allow-Origin
.
import os
from datetime import timedelta
import requests
from google.cloud import storage
os.environ['GOOGLE_APPLICATION_CREDENTIALS'] = <path to google credentials>
client = storage.Client()
bucket = client.get_bucket('my_bucket')
policies = [
{
'origin': ['*'],
'method': ['PUT'],
}
]
bucket.cors = policies
bucket.update()
blob = bucket.blob('new_file')
url = blob.generate_signed_url(timedelta(days=30), method='PUT')
response = requests.put(url, data='some data')
for header in response.headers.keys():
print(header)
输出:
X-GUploader-UploadID
ETag
x-goog-generation
x-goog-metageneration
x-goog-hash
x-goog-stored-content-length
x-goog-stored-content-encoding
Vary
Content-Length
Date
Server
Content-Type
Alt-Svc
如您所见,没有CORS标头.因此,我可以得出结论,GCS不正确/完全不支持CORS吗?
As you can see there is no CORS-headers. So, can I conclude that GCS doesn't support CORS properly/fully?
推荐答案
跨源资源共享(CORS)允许来自不同源的资源之间进行交互. 默认情况下,为了防止恶意行为,Google Cloud Storage中默认将其禁止/禁用.
Cross Origin Resource Sharing (CORS) allows interactions between resources from different origins. By default, in Google Cloud Storage it is prohibited/disabled in order to prevent malicious behavior.
您可以使用云库,Rest API或云SDK,请牢记以下规则:
You can enable it either using Cloud Libraries, Rest API or Cloud SDK, keeping in mind following rules:
-
使用具有Cloud Storage类型权限的用户/服务帐户进行身份验证:
FULL_CONTROL
.
使用XML API 获取正确的CORS标头,请使用两个URL之一:
Using XML API to get proper CORS headers, use one of the two URLs:
- storage.googleapis.com/[BUCKET_NAME]
- [BUCKET_NAME].storage.googleapis.com
来源storage.cloud.google.com/[BUCKET_NAME]
将不使用CORS标头进行响应.
Origin storage.cloud.google.com/[BUCKET_NAME]
will not respond with CORS header.
- Request need proper ORIGIN header to match bucket policy ORIGIN configuration as stated in the point 3 of the CORS troubleshooting documentation, in case of your code:
headers = {
'ORIGIN': '*'
}
response = requests.put(url, data='some data', headers=headers)
for header in response.headers.keys():
print(header)
给出以下输出:
X-GUploader-UploadID
ETag
x-goog-generation
x-goog-metageneration
x-goog-hash
x-goog-stored-content-length
x-goog-stored-content-encoding
Access-Control-Allow-Origin
Access-Control-Expose-Headers
Content-Length
Date
Server
Content-Type
这篇关于Google云端存储:CORS设置不适用于签名网址的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!