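Here is my situation:
The server generates pre-signed URLs, which are sent down to the browser on demand. The browser uploads files to these URLs and then sends the upload result to the server (to avoid having these files pass through our load balancers, etc.). I keep getting 307s and CORS failures.
Files are encrypted using SSE-C and placed in a bucket with a private ACL. The signed URLs are generated by the first of the following and used with the second.
Server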
const params = {
  Bucket: bucket,
  Key: objectKey,
  Expires: expiration,
  SSECustomerAlgorithm: 'AES256',
  SSECustomerKey: ssecKey,
  SSECustomerKeyMD5: ssecMD5,
  Metadata: { filename, userId }
};
return S3Module.S3.getSignedUrl('putObject', params);
Client
// ...
uploadToS3(url, file, params) {
  return new Promise((resolve, reject) => {
    const customHeaders = {
      'x-amz-meta-filename': params['x-amz-meta-filename'],
      'x-amz-meta-userId': params['x-amz-meta-userId'],
      'x-amz-server-side-encryption-customer-algorithm': params['x-amz-server-side-encryption-customer-algorithm'],
      'x-amz-server-side-encryption-customer-key': params['x-amz-server-side-encryption-customer-key'],
      'x-amz-server-side-encryption-customer-key-MD5': params['x-amz-server-side-encryption-customer-key-MD5'],
      'x-amz-acl': 'private'
    };

    superagent
      .put(url)
      .withCredentials()
      .set('Content-Type', 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet')
      .set(customHeaders)
      .send(file)
      .end((err, res) => {
        if (err) {
          return reject(err);
        }
        console.error(res, err);
        resolve(res);
      });
  });
}
// ...
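I keep getting a 307 from S3, which of course doesn't work with CORS. I did some reading, and some people say this is a temporary issue related to DNS synchronization on S3, but it doesn't seem to go away even after waiting more than 24 hours.
The CORS configuration is as follows: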
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>http://localhost:3000</AllowedOrigin>
<AllowedMethod>PUT</AllowedMethod>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>
If I replace the us-west-2 region (to get https://bucket-name.s3.amazonaws.com), I get a 403 Forbidden response. If I don't, I get a 307 from https://bucket-name.s3.us-west-2.amazonaws.com. The browser (rightly) complains:
Access to XMLHttpRequest at 'MY URL' from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.
Any help would be greatly appreciated - thanks!