问题描述
我们有我们需要的CORS的配置是这样的水桶:
We have a bucket that we need the CORS configuration to be like this:
<CORSRule>
<AllowedOrigin>*</AllowedOrigin>
<AllowedHeader>*</AllowedHeader>
<AllowedMethod>GET</AllowedMethod>
</CORSRule>
我们需要这样的,所以我们可以从出口画布上的图像没有得到污染的画布上的错误。
We need it like that so we can export the images from canvas without getting tainted canvas error.
我们在不同的项目中这个不超过3个星期前没有和它的工作只是罚款,管理员会修改CORS的配置,我可以看到新的配置,即使我不能编辑它。
We did this no more than 3 weeks ago in a different project and it worked just fine, the admin would modify the CORS config and I could see new config even though I couldn't edit it.
今天我们尝试过了,他保存了新的配置,我总是看到默认的,它是这样的:
Today we tried it and he saves the new configuration and I keep seeing the default one, which is this:
<CORSRule>
<AllowedOrigin>*</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<MaxAgeSeconds>3000</MaxAgeSeconds>
<AllowedHeader>Authorization</AllowedHeader>
</CORSRule>
如果他登录他认为需要的配置,但我仍然得到污点画布错误。
If he logs in he sees the configuration required, but I'm still getting the tainted canvas error.
因此,我们3个问题:
So we 3 questions:
- 他怎么设置桶的权限对我来说,能够编辑的CORS?我们给所有权限,以验证用户的水桶,我仍然不能修改CORS的配置。
- 有谁知道问题可能是这个东西,是*通配符不再与AWS的S3? 允许
- 如果通配符不再有效,我怎么才可以向授权的报头中的要求吗?
在先进的感谢您的帮助。
Thanks in advanced for the help.
推荐答案
权限设置CORS被授予通过身份和访问管理(IAM)的用户,不是斗级权限,例如:
Permission for setting CORS is granted to users via Identity and Access Management (IAM), not bucket-level permissions, eg:
{
"Id": "SomeID",
"Statement": [
{
"Sid": "SomeSID",
"Action": [
"s3:GetBucketCORS",
"s3:PutBucketCORS"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::BUCKET-NAME",
"Principal": {
"AWS": [
"USERNAME"
]
}
}
]
}
我能够成功编辑CORS政策水桶,用你上面提供的规则。 (我没有测试它的工作,但我可以将其保存为一个策略。)
I was successfully able to edit a CORS policy on a bucket, using the Rule that you provided above. (I did not test that it worked, but I was able to save it as a policy.)
这篇关于AWS S3桶CORS的配置是不是正确节省的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!