4

I have the following code in my AWS bucket policy:

{
    "Version": "2008-10-17",
    "Statement": [
        {
            "Sid": "AllowPublicRead",
            "Effect": "Allow",
            "Principal": {
                "AWS": "*"
            },
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::staticimages.co/*",
            "Condition": {
                "StringLike": {
                    "aws:Referer": [
                        "http://domainname.co/*",
                        "http://www.domainname.co/*"
                    ]
                }
            }
        }
    ]
}

After I put in the referer code I can't access my images via the domains that are listed there.

Any ideas on what I'm doing wrong?

thx

Also I notice people use different SID text... what is this?

4

1 回答 1

4

我强烈建议不要使用 Referer 来控制对 Web 图像的访问。HTTP Referer 请求标头充其量是不可靠的,因为有些人出于隐私原因在浏览器中禁用它,而其他人则位于防火墙后面,从所有传出请求中剥离标头。

当然,如果有人直接导航到您的一张静态图片,Referer 也会为空,这可能不是什么大问题。无论如何,这不是您可以依赖的东西,它会破坏许多访问者的浏览体验。

于 2013-07-29T08:43:04.887 回答