Do not access image URL in bucket S3 outside the application

Question

To render images, I'm using them directly from the S3 bucket. But access can be done from outside the Reactjs application.
How do I prevent these S3 URLs from being accessed from outside the application?

Incorrectly authenticated logins

Answer 1

Score: 1

It appears that you want to serve images from an Amazon S3 bucket, but you only want these images to be accessed if people are using your application.

You can do this as follows:

  • Keep the images in the S3 bucket as 'private' -- do not make the bucket public
  • When your application refers to an object in S3, it should generate an Amazon S3 pre-signed URL, which provides time-limited access to private objects in Amazon S3

The pre-signed URL will provide temporary access to a private object stored in the S3 bucket. Your application can generate the pre-signed URL by using an Access Key and Secret Key from credentials that are permitted to access the object. Generating a pre-signed URL only takes a couple of lines of code and does not require an API call to AWS.

huangapple
  • Posted on April 7, 2023 at 00:31:01
  • When reposting, please be sure to keep the link to this article: https://go.coder-hub.com/75951766.html