Allow videos on s3 bucket to be loaded only from a particular URL

up vote
0
down vote

favorite

My requirement is to be able to load videos via https only from a particular URL (e.g. "https://www.app.myurl.com").

Is that possible?

If yes how?

Here is what I tried.

1) Place video on S3 Bucket.
And setup the guideline.

"Version": "2012-10-17",

"Id": "http referer policy example",

"Statement": [

    {

        "Sid": "Allow get requests originating from www.example.com and example.com.",

        "Effect": "Allow",

        "Principal": "*",

        "Action": "s3:GetObject",

        "Resource": "arn:aws:s3:::mybucketname/*",

        "Condition": {

            "StringLike": {

                "aws:Referer": "https://app.sampleurl.at/*"

            }

        }

    }

]

}

It doesn't seem to to what I want. All I can do is change the ACL on file level to either be accessible for everyone or for none.

asked Nov 7 at 7:48

user3675091

1019

Bear in mind that the Referer is whatever the user agent chooses to send in the request. There's nothing to prevent dishonest UAs from using any Referer value they like.
– Damien_The_Unbeliever
Nov 7 at 7:52

thanks for the hint. I will be aware of that.
– user3675091
Nov 7 at 10:10

add a comment |

up vote
0
down vote

favorite

My requirement is to be able to load videos via https only from a particular URL (e.g. "https://www.app.myurl.com").

Is that possible?

If yes how?

Here is what I tried.

1) Place video on S3 Bucket.
And setup the guideline.

"Version": "2012-10-17",

"Id": "http referer policy example",

"Statement": [

    {

        "Sid": "Allow get requests originating from www.example.com and example.com.",

        "Effect": "Allow",

        "Principal": "*",

        "Action": "s3:GetObject",

        "Resource": "arn:aws:s3:::mybucketname/*",

        "Condition": {

            "StringLike": {

                "aws:Referer": "https://app.sampleurl.at/*"

            }

        }

    }

]

}

It doesn't seem to to what I want. All I can do is change the ACL on file level to either be accessible for everyone or for none.

asked Nov 7 at 7:48

user3675091

1019

Bear in mind that the Referer is whatever the user agent chooses to send in the request. There's nothing to prevent dishonest UAs from using any Referer value they like.
– Damien_The_Unbeliever
Nov 7 at 7:52

thanks for the hint. I will be aware of that.
– user3675091
Nov 7 at 10:10

add a comment |

up vote
0
down vote

favorite

My requirement is to be able to load videos via https only from a particular URL (e.g. "https://www.app.myurl.com").

Is that possible?

If yes how?

Here is what I tried.

1) Place video on S3 Bucket.
And setup the guideline.

"Version": "2012-10-17",

"Id": "http referer policy example",

"Statement": [

    {

        "Sid": "Allow get requests originating from www.example.com and example.com.",

        "Effect": "Allow",

        "Principal": "*",

        "Action": "s3:GetObject",

        "Resource": "arn:aws:s3:::mybucketname/*",

        "Condition": {

            "StringLike": {

                "aws:Referer": "https://app.sampleurl.at/*"

            }

        }

    }

]

}

It doesn't seem to to what I want. All I can do is change the ACL on file level to either be accessible for everyone or for none.

asked Nov 7 at 7:48

user3675091

1019

My requirement is to be able to load videos via https only from a particular URL (e.g. "https://www.app.myurl.com").

Is that possible?

If yes how?

Here is what I tried.

1) Place video on S3 Bucket.
And setup the guideline.

"Version": "2012-10-17",

"Id": "http referer policy example",

"Statement": [

    {

        "Sid": "Allow get requests originating from www.example.com and example.com.",

        "Effect": "Allow",

        "Principal": "*",

        "Action": "s3:GetObject",

        "Resource": "arn:aws:s3:::mybucketname/*",

        "Condition": {

            "StringLike": {

                "aws:Referer": "https://app.sampleurl.at/*"

            }

        }

    }

]

}

It doesn't seem to to what I want. All I can do is change the ACL on file level to either be accessible for everyone or for none.

amazon-s3

asked Nov 7 at 7:48

user3675091

1019

asked Nov 7 at 7:48

user3675091

1019

asked Nov 7 at 7:48

user3675091

1019

asked Nov 7 at 7:48

user3675091

1019

asked Nov 7 at 7:48

user3675091

1019

Bear in mind that the Referer is whatever the user agent chooses to send in the request. There's nothing to prevent dishonest UAs from using any Referer value they like.
– Damien_The_Unbeliever
Nov 7 at 7:52

thanks for the hint. I will be aware of that.
– user3675091
Nov 7 at 10:10

add a comment |

Bear in mind that the Referer is whatever the user agent chooses to send in the request. There's nothing to prevent dishonest UAs from using any Referer value they like.
– Damien_The_Unbeliever
Nov 7 at 7:52

thanks for the hint. I will be aware of that.
– user3675091
Nov 7 at 10:10

Bear in mind that the Referer is whatever the user agent chooses to send in the request. There's nothing to prevent dishonest UAs from using any Referer value they like.
– Damien_The_Unbeliever
Nov 7 at 7:52

thanks for the hint. I will be aware of that.
– user3675091
Nov 7 at 10:10

add a comment |

active

oldest

votes

Your Answer

StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});

}
});

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53185333%2fallow-videos-on-s3-bucket-to-be-loaded-only-from-a-particular-url%23new-answer', 'question_page');
}
);

Post as a guest

Name

active

oldest

votes

draft saved

draft discarded

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Post as a guest

Name

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Name

This page is only for reference, If you need detailed information, please check here

搜尋此網誌

Wsrtjtyk