AWS S3存储桶:CORS配置 [英] AWS S3 bucket: CORS Configuration
问题描述
我正在尝试从S3下载图像.但是我收到了错误的CORS.
I am trying to download an image from S3. But I got error CORS.
我做了什么:
-为S3存储桶设置CORS配置:
-Setup CORS configuration for S3 bucket:
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>*</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<AllowedMethod>POST</AllowedMethod>
<AllowedMethod>PUT</AllowedMethod>
<AllowedMethod>HEAD</AllowedMethod>
<ExposeHeader>Accept-Ranges</ExposeHeader>
<ExposeHeader>Content-Range</ExposeHeader>
<ExposeHeader>Content-Encoding</ExposeHeader>
<ExposeHeader>Content-Length</ExposeHeader>
<ExposeHeader>Access-Control-Allow-Origin</ExposeHeader>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>
-我使用AWS控制台上传了图像
-I uploaded an image using AWS console
-在html中加载图片:
-load image in html:
<div id="my-node">
<img id="image" src="path/to/s3/bucket/image.png" class="img-responsive"/>
</div>
-要下载图像,我使用 https://github.com/tsayen/dom-图片下载
-To download image, I use https://github.com/tsayen/dom-to-image to download
domtoimage.toBlob(document.getElementById('my-node'))
.then(function (blob) {
window.saveAs(blob, 'my-node.png');
});
结果:我收到错误
XMLHttpRequest无法加载path/to/s3/bucket/image.png.不请求中存在"Access-Control-Allow-Origin"标头资源.
XMLHttpRequest cannot load path/to/s3/bucket/image.png. No 'Access-Control-Allow-Origin' header is present on the requested resource.
我检查了图像,响应头不包括Access-Control-Allow-Origin(似乎S3在响应中不包括CORS配置)
I inspected the image, the response header not including Access-Control-Allow-Origin (it seems S3 didn't include CORS configuration in response)
Accept-Ranges:bytes
Content-Length:124824
Content-Type:image/png
Date:Mon, 24 Apr 2017 17:27:48 GMT
ETag:"xxxxxxxx00000000"
Last-Modified:Mon, 24 Apr 2017 17:18:53 GMT
Server:AmazonS3
x-amz-id-2:xxxxxxxxxxxxxxxxx
x-amz-request-id:xxxxxxxxxxxx
非常感谢您的任何建议或建议
Very appreciated for any suggestion or advice
推荐答案
您的存储桶策略需要至少向公共用户授予 s3:GetBucketCORS
,例如:
Your bucket policy needs to grant at least s3:GetBucketCORS
to public users, e.g.:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": "*",
"Action": [
"s3:GetBucketCORS"
],
"Resource": [
"arn:aws:s3:::mybucketname"
]
}
]
}
这篇关于AWS S3存储桶:CORS配置的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!