使用 POST 直接从浏览器上传文件到 S3
[英]Upload file to S3 direct from the browser using POST
问题描述
Similar to this question: Enabling POST/PUT/DELETE on AWS CloudFront?
类似于这个问题: 在 AWS CloudFront 上启用 POST/PUT/DELETE?
I have setup a Cloudfront Distribution with an Origin Access Identity that has access to the S3 origin.我已经使用可以访问 S3 源的源访问身份设置了一个 Cloudfront 分发。
S3 has a CORS configuration that allows PUT, POST, GET, etc. from any Origin. S3 有一个 CORS 配置,允许来自任何源的 PUT、POST、GET 等。 Cloudfront is forwarding the Origin, Access-Control-Request-Headers & Access-Control-Request-Method headers to the S3 origin. Cloudfront 将 Origin、Access-Control-Request-Headers 和 Access-Control-Request-Method 标头转发到 S3 源。
Using the Dropzone-js library I have configured a POST upload request to the Cloudfront endpoint.使用 Dropzone-js 库,我配置了一个到 Cloudfront 端点的 POST 上传请求。
Response: 405 Method Not Allowed
And the Response headers:和响应头:
- access-control-allow-methods HEAD, GET, PUT, POST访问控制允许方法 HEAD、GET、PUT、POST
- access-control-allow-origin *访问控制允许来源 *
- allow HEAD, DELETE, GET, PUT允许头部、删除、获取、放置
- server AmazonS3服务器 AmazonS3
- x-cache Error from cloudfront来自 cloudfront 的 x-cache 错误
If I switch the request method to 'PUT' the upload response is successful.如果我将请求方法切换为“PUT”,则上传响应成功。
200 OK 200 正常
- x-cache: Miss from cloudfront x-cache:来自 cloudfront 的小姐
- access-control-allow-methods HEAD, GET, PUT, POST访问控制允许方法 HEAD、GET、PUT、POST
The mysterious ' allow ' header is now missing.神秘的“允许”标头现在不见了。
The file that ends up in S3 following the PUT request is not readable.在 PUT 请求之后在 S3 中结束的文件不可读。 I get an Access Denied error when trying to download it.我在尝试下载时收到拒绝访问错误。
fatal error: An error occurred (403) when calling the HeadObject operation: Forbidden
I'm not sure if S3 implicitly refuses POST requests.我不确定 S3 是否隐式拒绝 POST 请求。 That would be fine, so long as PUT requests worked.只要 PUT 请求有效,那就没问题了。
The CORS configuration: CORS 配置:
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>*</AllowedOrigin>
<AllowedMethod>HEAD</AllowedMethod>
<AllowedMethod>GET</AllowedMethod>
<AllowedMethod>PUT</AllowedMethod>
<AllowedMethod>POST</AllowedMethod>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>
The Bucket Policy:桶策略:
{
"Sid": "1",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity XXX"
},
"Action": [
"s3:*",
"s3:PutObject",
"s3:GetObject",
"s3:AbortMultipartUpload"
],
"Resource": "arn:aws:s3:::example-bucket.net/*"
}
s3:* is to try and get it working for a start. s3:* 是尝试让它开始工作。
Why is POST not allowed to the S3 Origin?为什么不允许 POST 到 S3 Origin? Why is the uploaded file corrupt/not readable?为什么上传的文件损坏/不可读?
I've also tried pre-signed URLs similar to method below, but face similar problems.我也尝试过类似于下面的方法的预签名 URL,但面临类似的问题。 POST is rejected, and PUT is AccessDenied. POST 被拒绝,PUT 被拒绝访问。 I tried this on multiple buckets.我在多个桶上试过这个。 The only way it would work is with Public WRITE enabled.它可以工作的唯一方法是启用公共写入。 https://aws.amazon.com/blogs/media/deep-dive-into-cors-configs-on-aws-s3-how-to/ https://aws.amazon.com/blogs/media/deep-dive-into-cors-configs-on-aws-s3-how-to/
Edit: This issue is very similar, but appears to not be resolved.编辑:这个问题非常相似,但似乎没有得到解决。 dropzone.js direct upload to S3 with content-type dropzone.js 使用 content-type 直接上传到 S3
1 个解决方案
解决方案1
0 2020-09-30 07:17:42
Why is POST not allowed to the S3 Origin?
POST requests for S3 origin in CloudFront with OAI are simply not supported .根本不支持使用 OAI 在 CloudFront 中对 S3 源的POST请求。
From Using an OAI in Amazon S3 Regions that Support Only Signature Version 4 Authentication :从在仅支持签名版本 4 身份验证的 Amazon S3 区域中使用 OAI :
POST requests are not supported .
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.