主动存储通过加密上传到 S3。 如何删除加密并将文件按原样保存在存储中
[英]Active Storage Uploads to S3 with encryption. How to remove encryption and save file as is in storage
问题描述
When I upload a file with API multipart to rails server.
当我将带有 API 多部分的文件上传到 Rails 服务器时。 Rails server uploads the file to s3. Rails 服务器将文件上传到 s3。 But when I go to s3, the file is encrypted which I don't want.但是当我 go 到 s3 时,文件被加密了,这是我不想要的。
Also when I get the URL from in jbuilder另外,当我从 jbuilder 中获得 URL
json.url Rails.application.routes.url_helpers.rails_blob_url(document.doc)
the URL I get is of rails path which redirects to S3 image with a key to show the image.我得到的 URL 是轨道路径,它重定向到 S3 图像,并带有显示图像的键。
It will be better if I can put the S3 link directly there in the file URL.如果我可以将 S3 链接直接放在文件 URL 中会更好。
2 个解决方案
解决方案1
1 2020-10-10 17:39:10
The Active Storage doesn't store a file with the provided filename instead it uses Rails' has_secure_token key. Active Storage不使用提供的文件名存储文件,而是使用 Rails 的has_secure_token密钥。 So even if you try to see the file stored on local (if you're using a deffault local service), it'll be saved with some random alpha-numeric string.因此,即使您尝试查看存储在本地的文件(如果您使用的是默认local服务),它也会与一些随机alpha-numeric字符串一起保存。
If you want to explicitly upload with AWS Server Side Encryption you might want to update the service config like -如果您想使用AWS Server Side Encryption显式上传,您可能需要更新服务配置,例如 -
amazon:
service: S3
bucket: somebucketname
upload:
server_side_encryption: AES-256
One possibility you can find if it works by implementing a custom ActiveStorage::Service .您可以通过实现自定义ActiveStorage::Service找到它是否有效的一种可能性。 If somebody does it, please share: :D如果有人这样做,请分享::D
Or else just go with the Carrierwave !!或者只是Carrierwave与载波!
Ref -参考 -
解决方案2
0 2020-05-16 18:32:55
If you are using Rails active storage and don't want to encrypt files by default you need to change storage.yml to something like this.如果您使用 Rails 主动存储并且不想默认加密文件,则需要将storage.yml更改为类似的内容。
amazon:
service: S3
bucket: somebucketname
upload:
server_side_encryption: nil
Or if you are using aws-sdk-s3 gem, here is the link for official guide for aws-sdk-s3或者,如果您使用的是aws-sdk-s3 gem,这里是aws-sdk-s3官方指南的链接
Also you can change existing files encryption from AWS.您还可以从 AWS 更改现有文件加密。 Here is the documentation. 这是文档。
For URL part you can call object.images[0].service_url This will return you something like https://yourbucketname.s3.eu-central-1.amazonaws.com/yr2r6bo1ai1g9yavg7p9480ptdy4?response-content-disposition=inline%3B%20filename%3D%22images-museum_5_3.png%22%3B%20filename%2A%3DUTF-8%27%27images-museum_5_3.png&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJJWMS7WXXZREOOCQ%2F20200413%2Feu-central-1%2Fs3%2Faws4_request&X-Amz-Date=20200413T123825Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=14bf4d26d9b3f3c98c29d84c647fc6fa88d903e157a0d41e0ad209937ffaf92b For URL part you can call object.images[0].service_url This will return you something like https://yourbucketname.s3.eu-central-1.amazonaws.com/yr2r6bo1ai1g9yavg7p9480ptdy4?response-content-disposition=inline%3B%20filename%3D%22images-museum_5_3.png%22%3B%20filename%2A%3DUTF-8%27%27images-museum_5_3.png&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJJWMS7WXXZREOOCQ%2F20200413%2Feu-central-1%2Fs3%2Faws4_request&X-Amz-Date=20200413T123825Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=14bf4d26d9b3f3c98c29d84c647fc6fa88d903e157a0d41e0ad209937ffaf92b
You can store first part as object URL.您可以将第一部分存储为 object URL。 It not changing part of URL.它不会改变 URL 的一部分。
That part is https://yourbucketname.s3.eu-central-1.amazonaws.com/yr2r6bo1ai1g9yavg7p9480ptdy4那部分是https://yourbucketname.s3.eu-central-1.amazonaws.com/yr2r6bo1ai1g9yavg7p9480ptdy4
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.