我看到了几个问题并就此进行了讨论,但仍然无法找到答案。 我尝试使用AJAX GET对来自S3的文件进行简单的GET。 我的存储桶配置为CORS:
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>*</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<MaxAgeSeconds>3000</MaxAgeSeconds>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>
这是我的电话的卷曲片段(省略了文件..):
curl 'https://s3.amazonaws.com/mybucket/myfile.tar.gz
-X OPTIONS
-H 'Access-Control-Request-Method: GET'
-H 'Origin: http://0.0.0.0:9000'
-H 'Referer: http://0.0.0.0:9000/'
-H 'Access-Control-Request-Headers: accept, x-longtostring'
-H 'Pragma: no-cache'
-H 'Accept-Encoding: gzip, deflate, sdch'
-H 'Accept-Language: en-US,en;q=0.8,he;q=0.6,mg;q=0.4'
-H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.125 Safari/537.36'
-H 'Accept: */*'
-H 'Cache-Control: no-cache'
-H 'Connection: keep-alive'
--compressed
--verbose
我得到了403结果:
HTTP/1.1 403 Forbidden
x-amz-request-id: 1F545B4ED302B3AD
x-amz-id-2: AiQwUgOeVhfxRjYL/13MLBsUQdx8n4bYLhV3TwftDfnMZ+7FhvnxfVAGLCo3WCiT
Content-Type: application/xml
Transfer-Encoding: chunked
Date: Sun, 30 Aug 2015 21:25:17 GMT
Server AmazonS3 is not blacklisted
Server: AmazonS3
<?xml version="1.0" encoding="UTF-8"?>
Connection #0 to host s3.amazonaws.com left intact
<Error><Code>AccessForbidden</Code><Message>CORSResponse: This CORS request is not allowed. This is usually because the evalution of Origin, request method / Access-Control-Request-Method or Access-Control-Requet-Headers are not whitelisted by the resource's CORS spec.</Message><Method>GET</Method></Error>
删除-X OPTIONS解决了这个问题。但这是由浏览器自动添加的(我使用Angular $ http.get),我无法控制(或者我有吗?)。
由于
答案 0 :(得分:7)
在我能想到的任何配置中,似乎s3都不会接受OPTIONS调用。 但对于GET请求 - 如果您不添加任何自定义标头,浏览器将不会触发OPTIONS。
所以我从特定的$ http.get(s3FilePath)请求中删除了任何自定义标头。
我得到403的原因 - 是因为文件尚未准备好。文件准备好后,你做对了。