[英]Cors Error on Microsoft Azure Cloud Storage
Hello I am having a Cors Error on Microsoft Azure Cloud Storage. 您好,我在Microsoft Azure云存储上出现Cors错误。
I am generating my SAS as follows: 我正在生成我的SAS,如下所示:
public SAS(string containername, string id, SharedAccessBlobPermissions permissions)
{
this.id = id;
CloudStorageAccount cloudStorageAccount = CloudStorageAccount.Parse(CloudConfigurationManager.GetSetting("StorageConnectionString"));
CloudBlobContainer containerReference = cloudStorageAccount.CreateCloudBlobClient().GetContainerReference("teeessssttt");
if (containerReference.CreateIfNotExists(null, null))
{
BlobConfig.configureCORS();
}
CloudBlockBlob blockBlobReference = containerReference.GetBlockBlobReference(id);
SharedAccessBlobPolicy sharedAccessBlobPolicy = new SharedAccessBlobPolicy()
{
Permissions = permissions
};
DateTime utcNow = DateTime.UtcNow;
sharedAccessBlobPolicy.SharedAccessStartTime = new DateTimeOffset?(utcNow.AddMinutes(-5));
DateTime dateTime = DateTime.UtcNow;
sharedAccessBlobPolicy.SharedAccessExpiryTime = new DateTimeOffset?(dateTime.AddMinutes(15));
string sharedAccessSignature = blockBlobReference.GetSharedAccessSignature(sharedAccessBlobPolicy);
this.HostingSite = blockBlobReference.Uri.AbsoluteUri;
this.Token = sharedAccessSignature;
this.fullurl = string.Concat(this.HostingSite, this.Token);
}
This generates something like: 这会产生类似以下内容:
{"fullurl":"https://ingenovatebeta.blob.core.windows.net/teeessssttt/7554eb72-f361-4715-a255-a5d6922706b0?sv=2013-08-15&sr=b&sig=iVL4zeytgC1H7W09lV2YZspOKlzF433oqsx9I6cfI68%3D&st=2014-10-24T05%3A58%3A13Z&se=2014-10-24T06%3A18%3A13Z&sp=w","HostingSite":"https://ingenovatebeta.blob.core.windows.net/teeessssttt/7554eb72-f361-4715-a255-a5d6922706b0","id":"7554eb72-f361-4715-a255-a5d6922706b0","Token":"?sv=2013-08-15&sr=b&sig=iVL4zeytgC1H7W09lV2YZspOKlzF433oqsx9I6cfI68%3D&st=2014-10-24T05%3A58%3A13Z&se=2014-10-24T06%3A18%3A13Z&sp=w"}
I am setting up my cors as follows: 我按以下步骤设置我的核心:
CorsRule corsRule = new CorsRule();
corsRule.AllowedOrigins.Add("https://---------------.com");
corsRule.AllowedMethods = CorsHttpMethods.Get | CorsHttpMethods.Post | CorsHttpMethods.Put |
CorsHttpMethods.Options;
corsRule.AllowedHeaders.Add("*");
corsRule.ExposedHeaders.Add("*");
corsRule.MaxAgeInSeconds = (int)TimeSpan.FromDays(5).TotalSeconds;
corsRules.Add(corsRule);
serviceProperty.Cors = corsProperty;
This works when I upload files just to the GUID. 当我仅将文件上传到GUID时,此方法有效。 For example setting my upload URI like the following works:
例如,如下所示设置我的上传URI:
$.get("/api/sas", (function (json) {
var baseUrl = json.fullurl;
myDropzone.options.url = baseUrl;
myDropzone.processFile(file);
}));
However all my files end up in my cloud storage as just the GUID's and no file names or extensions this makes it hard to retrieve the images and such. 但是,我所有的文件都以GUID的形式保存在我的云存储中,而没有文件名或扩展名,这使得检索图像等困难。 In the examples the show you can add a filename.
在示例显示中,您可以添加文件名。 I have followed the examples:
我遵循了以下示例:
$.get("/api/sas", (function (json) {
var baseUrl = json.fullurl;
var indexOfQueryStart = baseUrl.indexOf("?");
submitUri = baseUrl.substring(0, indexOfQueryStart) + '/' + file.name + baseUrl.substring(indexOfQueryStart);
myDropzone.options.url = submitUri;
myDropzone.processFile(file);
}));
However it does not work. 但是,它不起作用。 At this point I get a CORS error:
此时,我收到一个CORS错误:
XMLHttpRequest cannot load https://myurl/mycontainer/82b7f14b-ee7c-45a3…2B%2BmtAJw%3D&st=2014-10-23T04%3A34%3A22Z&se=2014-10-23T04%3A54%3A22Z&sp=w. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://stagingrapidrealities.azurewebsites.net' is therefore not allowed access. The response had HTTP status code 403.
I think I know what's happening. 我想我知道发生了什么事。 Basically there's nothing wrong with your CORS Settings.
基本上,您的CORS设置没有问题。 They are perfectly fine.
他们很好。 The problem is with your SAS.
问题出在您的SAS。
What is happening is that you're creating a SAS on the blob (blob's name is 7554eb72-f361-4715-a255-a5d6922706b0
). 发生的事情是您正在blob上创建SAS(blob的名称为
7554eb72-f361-4715-a255-a5d6922706b0
)。 What that means is that the signature computed includes this blob name. 这意味着计算出的签名包括该Blob名称。 Then when you are uploading the file you're changing the blob name by appending file name (
clown.jpg
) to the URL. 然后,当您上传文件时,您通过将文件名(
clown.jpg
)附加到URL来更改Blob名称。 This essentially made SAS signature invalid and thus you're getting 403 error. 这实际上使SAS签名无效,因此您将收到403错误。
There are two ways by which you can fix this issue: 有两种方法可以解决此问题:
sr
would be c
(meaning container) instead of b
(meaning blob). sr
为c
(表示容器)而不是b
(表示blob)。 Then you would use the same approach for deriving the submitUrl
(ie finding the index of ?
and inserting file name there). submitUrl
(即,找到?
的索引并在其中插入文件名)。 My recommendation would be to go with #2 because it would result in lesser calls to your server. 我的建议是选择#2,因为这样可以减少对服务器的调用。 On your upload page, you just calculate SAS on container just once and then keep on inserting file names as and when a user selects a file and upload them.
在上传页面上,您只需在容器上计算一次SAS,然后在用户选择文件并上传时继续插入文件名。 In fact we're using this approach in one of the products I'm working on.
实际上,我们在正在开发的其中一种产品中使用了这种方法。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.