I'm developing an web application for which I host my files like images on s3.
(我正在开发一个Web应用程序,为此我在s3上托管我的文件(例如图像)。)
I want to access the files via URLs (not presigned URLs) in my img-tags like so:(我想通过img标签中的URL(不是预签名URL)访问文件,如下所示:)
<img src={'https://s3.us-east-2.amazonaws.com/mybucketname/imgs/myfile.jpg'} />
How can I restrict access to only my react application (for prod and dev)?
(如何限制仅对我的React应用程序(针对prod和dev)的访问?)
I tried using CORS with my deployed domain and localhost but that didn't work:
(我尝试将CORS与已部署的域和localhost一起使用,但这没有用:)
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>https://www.example.com</AllowedOrigin>
<AllowedOrigin>https://example.com</AllowedOrigin>
<AllowedOrigin>http://localhost:3000</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<MaxAgeSeconds>3000</MaxAgeSeconds>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>
ask by phoebus translate from so
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
