How to access restricted media files using signed cookies from cloud front distribution which uses a different domain from the application domain?
Question
Can we assign cookies from the application domain to a different domain. For example we need to access the restricted media files which use the d1fzlamzw9yswb.cloudfront.net distribution, but if we run the application in localhost or in any other domain it does not allow us to assign the cookies to d1fzlamzw9yswb.cloudfront.net programmatically. It normally sets the cookies to the application domain.
Somehow by manually assigning the cookies from the browser to d1fzlamzw9yswb.cloudfront.net we were able to access the content without any issue.
So if the application runs in another domain (localhost or any other) how can we assign the cookies to a different domain where we need to access the restricted media files? What is the best way to do this?
1 answers
solution1
0 ACCPTED 2021-07-02 07:54:55
Setting cookies for different domains is obviously not allowed.
However, one can use an apex domain in a signed cookie, for example, .example.com . If properly set this cookie will always be sent to any request made to example.com, but also to any of its subdomains, eg, cloudfront.example.com . So we can take advantage of this and have our backend service, which is running on backend.example.com create and set a signed cookie for .example.com . Later when the frontend requests a file form cloudfront.example.com it will automatically include the signed cookie with the request.
This approach requires having a custom domain for a Cloud Front distribution. Here docs how to do that
Best, Stefan
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.