CORS for AWS S3

204 days ago, 0 views.

To enable CORS on your Amazon S3 bucket, follow these steps:

  1. Log into the AWS Management Console.
  2. Click Services and select S3.
  3. Select your desired bucket.
  4. In the right-hand panel, click Permissions.
  5. Click Edit CORS Configuration.
  6. In the pop-up dialog, paste the following text:
[
    {
        "AllowedOrigins": [
            "*"
        ],
        "AllowedMethods": [
            "GET"
        ],
        "MaxAgeSeconds": 3000,
        "ExposeHeaders": [
             "Content-Range",
             "Content-Length",
             "ETag"
        ],
        "AllowedHeaders": [
            "Authorization",
            "Content-Range",
            "Accept",
            "Content-Type",
            "Origin",
            "Range"
        ]
    }
]

That’s all!

If your request doesn’t specify an origin header, S3 won’t include the CORS headers in the response

The curl doesn’t include the header by default, so be sure to include it for testing:

curl -I -X GET -H "origin: example.com" https://iad.microlink.io/qoUyfo06VbHZWf-SxFuIxnEkvnVH87Z72CVsmz3sMzQ5xVyjphdVArgcGALFVMNVjYupiSELSM9chSMeu5WIcw.png
HTTP/2 200
date: Tue, 19 Apr 2022 19:02:58 GMT
content-type: image/png
content-length: 65446
x-amz-id-2: 2k1nBKaTqV9npZQnReAmwh4pqMEwJ4DIxKGJUwGyktYSW0O5ebauhiRoBURXOz39uQIis7RYPtE=
x-amz-request-id: HB609AVA3DSGPQC2
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: Content-Range, Content-Length, ETag
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Tue, 19 Apr 2022 18:21:45 GMT
x-amz-expiration: expiry-date="Sat, 21 May 2022 00:00:00 GMT", rule-id="flush"
etag: "5310debac44a5c28d584a8f5bc41c13d"
expires: Wed, 20 Apr 2022 18:21:44 GMT
cf-cache-status: MISS
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2Ft3Nko4zPV2Z0B7cfnLBkwS%2FWnsKjl0hDmlzDZH91Dbts993mZDkOt5Uj09yrnQKiJe0uwCp98%2FO3UWVcnuR3zzD3L7tlMtBcowiMpXP0BVDas6xv3KsATV8SXs0tt6j5A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6fe7e5c448808686-MAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Bibliography

Kiko Beats

Kiko Beats