我尝试在eu-west-2区域的S3存储桶中上传文件:
在我编码的django-view中:
try:
S3url = conn.generate_url_sigv4(secondsPerDay, "PUT", bucket=settings.AWS_STORAGE_BUCKET_NAME, key=path, force_http=True)
except:
print "generate_url_sigv4 failed"
else:
print "generate_url_sigv4 OK"
print S3url
然后我生成预先签名的网址
curl -v -T "0.MOV" --header "Content-Type:binary/octet-stream" "https://MyBucketName.s3-eu-west-2.amazonaws.com/pathtofile/0.mp4?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Expires=86400&X-Amz-SignedHeaders=host&X-Amz-Signature=AWSsignature&X-Amz-Date=20170724T122024Z&X-Amz-Credential=MyKey%2Feu-west-2%2Fs3%2Faws4_request"
使用Curl我可以上传视频文件:
Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://127.0.0.1:8000' is therefore not allowed access. The response had HTTP status code 403.
所以对我来说,在django / python中生成预先签名的网址是可以的。
顺便感谢How to properly upload an object to AWS S3?贡献者
当我尝试使用预先指定的url和ajax请求时出现问题。 谷歌浏览器声明:
settings = $.extend(true, {}, {
xhr: function () {
var xhrobj = $.ajaxSettings.xhr();
return self._initXhr(xhrobj, previewId, self.getFileStack().length);
},
url:S3url,
type: 'PUT',
cache: false,
processData: false,
success: fnSuccess,
complete: fnComplete,
error: fnError,
crossDomain: true,
headers: {
'Access-Control-Allow-Headers': '*',
'Content-Type': 'binary/octet-stream',
},
}, self.ajaxSettings);
self.ajaxRequests.push($.ajax(settings));
我尝试了很多
的组合<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>*</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
**<AllowedMethod>PUT</AllowedMethod>**
<MaxAgeSeconds>3000</MaxAgeSeconds>
<AllowedHeader>Authorization</AllowedHeader>
</CORSRule>
</CORSConfiguration>
显然,浏览器和curl阻止了对另一台服务器的请求。 该网页来自http://127.0.0.1:8000,请求是针对s3-eu-west-2.amazonaws.com。
Curl不采取这种预防措施。
顺便说一句,我这样配置S3存储桶:
rails db:migrate
这是defaut配置,除了我添加 / 行。
那我怎么能解决这个CORS问题,我错过了什么?
由于