堆栈内存溢出
  简体   繁体   English

使用 S3 的 React 应用程序中的 CORS ORIGIN 错误

[英]CORS ORIGIN Error in React App that uses S3

 原文  2020-12-28 11:51:31       javascript/ reactjs/ amazon-web-services/ amazon-s3/ cors

问题描述

I've been working on a project that client should upload a file into a Cloud Storage with AWS.我一直在做一个项目,客户应该使用 AWS 将文件上传到云存储中。 My app was written with ReactJS and I decided to upload the file directly from client side to Cloud Storage.我的应用程序是用 ReactJS 编写的,我决定将文件直接从客户端上传到云存储。 I've built the app and deployed it to server.我已经构建了应用程序并将其部署到服务器。 (Here is the link raymon-tech.ir ) But It returns (这里是链接raymon-tech.ir )但它返回

Access to XMLHttpRequest at 'https://kamal-archive.s3.ir-thr-at1.arvanstorage.com/aaa.js?uploads' from origin 'https://raymon-tech.ir' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status. CORS 策略已阻止从源“https://raymon-tech.ir”访问“https://kamal-archive.s3.ir-thr-at1.arvanstorage.com/aaa.js?uploads”上的 XMLHttpRequest :对预检请求的响应未通过访问控制检查:它没有 HTTP ok 状态。

error.错误。 If I disable CORS of my browser, it works fine.如果我禁用浏览器的 CORS,它可以正常工作。

UPDATE:更新:

I use S3 Browser for config the Bucket Policy and CORS Configuration.我使用 S3 浏览器配置存储桶策略和 CORS 配置。 Here's my configs:这是我的配置:

CORS Configuration: CORS 配置:

<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
  <CORSRule>
    <AllowedMethod>GET</AllowedMethod>
    <AllowedMethod>PUT</AllowedMethod>
    <AllowedMethod>DELETE</AllowedMethod>
    <AllowedMethod>POST</AllowedMethod>
    <AllowedOrigin>*</AllowedOrigin>
    <AllowedHeader>*</AllowedHeader>
    <MaxAgeSeconds>3000</MaxAgeSeconds>
    <ExposeHeader>ETag</ExposeHeader>
    <ExposeHeader>Accept-Ranges</ExposeHeader>
    <ExposeHeader>Content-Encoding</ExposeHeader>
    <ExposeHeader>Content-Length</ExposeHeader>
    <ExposeHeader>Content-Range</ExposeHeader>
  </CORSRule>
</CORSConfiguration>

and Bucket Policy:和桶策略:

{
  "Version": "2008-10-17",
  "Id": "S3PolicyId1",
  "Statement": [
    {
      "Sid": "IPAllow",
      "Effect": "Allow",
      "Principal": {
        "AWS": "*"
      },
      "Action": "s3:GetBucketCORS",
      "Resource": "arn:aws:s3:::raysa/*"
    }
  ]
}

I changed them recently but nothing happend.我最近改变了它们,但什么也没发生。

1 个解决方案

解决方案1
 2  2020-12-28 11:58:00

If you need to upload files directly from your front-end app to S3 bucket, please make sure you add those to the bucket's CORS policy:如果您需要将文件直接从前端应用程序上传到 S3 存储桶,请确保将这些文件添加到存储桶的 CORS 策略:

[
    {
        "AllowedHeaders": [
            "*"
        ],
        "AllowedMethods": [
            "GET",
            "POST",
            "PUT",
            "HEAD"
        ],
        "AllowedOrigins": [
            "*"
        ],
        "ExposeHeaders": [
            "ETag",
            "Accept-Ranges",
            "Content-Encoding",
            "Content-Length ",
            "Content-Range"
        ],
        "MaxAgeSeconds": 3000
    }
]

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 跨域请求到AWS S3的AJAX请求有时会导致CORS错误 - Cross-origin requests AJAX requests to AWS S3 sometimes result in CORS error XMLHttpRequest和S3,CORS错误 - XMLHttpRequest and S3, CORS error Amazon S3和跨源资源共享(CORS) - Amazon S3 and Cross-Origin Resource Sharing (CORS) Axios CORS Vultr S3“没有‘访问控制允许来源’” - Axios CORS Vultr S3 "No 'Access-Control-Allow-Origin'" AWS S3存储桶上传中的CORS错误 - CORS error on AWS S3 bucket upload 即使在添加 CORS 配置后 S3 的 CORS 错误 - CORS error with S3 even after adding CORS configuration CORS和同源策略在React捆绑应用中请求问题 - CORS and same-origin policies request problems in a react bundled app 尝试使用TextureLoader从Rails应用连接到S3时出现CORS错误 - CORS error while trying to connect to S3 from a rails app using TextureLoader 请求的资源上不存在“Access-Control-Allow-Origin”header(AWS、API 网关、S3、CORS) - No 'Access-Control-Allow-Origin' header is present on the requested resource (AWS, API Gateway, S3, CORS) AWS S3 js SDK:从源访问 XMLHttpRequest 已被 CORS 策略阻止 - AWS S3 js SDK: Access to XMLHttpRequest at from origin has been blocked by CORS policy
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM