[英]AWS S3 js SDK: Access to XMLHttpRequest at from origin has been blocked by CORS policy
我正在尝试在我的 ASP.NET Core 3 Web 应用程序中使用 AWS js SDK 来访问客户端上的 s3 存储桶,但它不起作用。
我创建了一个存储桶并添加了以下 CORS 配置:
<?xml version="1.0" encoding="UTF-8"?> <CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <CORSRule> <AllowedOrigin>*</AllowedOrigin> <AllowedMethod>HEAD</AllowedMethod> <AllowedMethod>GET</AllowedMethod> <AllowedMethod>PUT</AllowedMethod> <AllowedMethod>POST</AllowedMethod> <AllowedMethod>DELETE</AllowedMethod> <ExposeHeader>ETag</ExposeHeader> <AllowedHeader>*</AllowedHeader> </CORSRule> </CORSConfiguration>我创建了一个具有 AmazonS3FullAccess 权限的新 IAM 用户,其中包含一个 AccessKey 和一个 Secret。
我添加了一个简单的视图来验证它与以下脚本部分:
<script src="/lib/aws/aws-sdk-2.592.0.js"></script> <script language="javascript"> $(function() { AWS.config.update({ region: 'eu-west-2', credentials: new AWS.Credentials('<key>', '<secret>') }); var s3 = new AWS.S3({ apiVersion: '2006-03-01', params: { Bucket: '<bucket>' } }); s3.listObjectsV2(function(err, data) { if (err) console.log(err, err.stack); else { data.Contents.forEach(function(element) { var row = "<tr>" + "<td>" + element.Key + "</td>" + "<td>" + element.LastModified + "</td>" + "<td>" + element.Etag + "</td>" + "<td>" + element.Size + "</td>" + "<td>" + element.StorageClass + "</td>" + "</tr>" $('#objects-list-table tbody').append(row); }); } }); }); </script>而且我在浏览器控制台中不断收到以下错误,例如没有为存储桶配置 CORS:
Access to XMLHttpRequest at 'https://<bucket>.s3.eu-west-2.amazonaws.com/?list-type=2' from origin 'https://localhost:5001' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Access to XMLHttpRequest at 'https://<bucket>.s3.amazonaws.com/?max-keys=0' from origin 'https://localhost:5001' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.
我的配置有什么问题? 如何使它工作?
刚刚用 HTTP Toolkit 欺骗了所有 HTTP 请求,发现该区域不正确。 如果有人有同样的问题并且 CORS 配置似乎正确 - 检查区域。
就我而言,法兰克福服务器不是 eu-west-2,而是eu-central-1
CORS 策略已阻止从源“null”访问 XMLHttpRequest?
[英]Access to XMLHttpRequest from origin 'null' has been blocked by CORS Policy?
CORS 策略已阻止从源“http://...”访问“...”处的 XMLHttpRequest
[英]Access to XMLHttpRequest at '...' from origin 'http://...' has been blocked by CORS policy
CORS 策略已阻止从原点 '' 访问 XMLHttpRequest
[英]Access to XMLHttpRequest at '' from origin '' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present
将文件上传到 DigitalOcean Spaces,得到“从源 (url) 访问 (url) 处的 XMLHttpRequest 已被 CORS 策略阻止”
[英]Uploading file to DigitalOcean Spaces, get "Access to XMLHttpRequest at (url) from origin (url) has been blocked by CORS policy"
CORS策略阻止了对来自'null'的'http://github/..file.json'的XMLHttpRequest的访问:
[英]Access to XMLHttpRequest at 'http://github/..file.json' from origin 'null' has been blocked by CORS policy:
CORS 策略已阻止从源“localhost:3000”访问“...”处的 XMLHttpRequest
[英]Access to XMLHttpRequest at '…' from origin 'localhost:3000' has been blocked by CORS policy
Javascript 中的套接字 IO 错误:“访问 XMLHttpRequest 已被 Z5A8FEFF0B4BDE3BEEC9D924 阻止”
[英]Socket IO error in Javascript: “Access to XMLHttpRequest from origin 'null' has been blocked by CORS policy”
CORS 策略已阻止在 localhost:3000 访问 XMLHttpRequest
[英]Access to XMLHttpRequest at localhost:3000 from origin has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header
CORS 策略已阻止从原点 '' 在 '' 访问 XMLHttpRequest:没有 'Access-Control-Allow-Origin' header 存在于请求的
[英]Access to XMLHttpRequest at '' from origin '' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.