Allow videos on s3 bucket to be loaded only from a particular URL
up vote
0
down vote
favorite
My requirement is to be able to load videos via https only from a particular URL (e.g. "https://www.app.myurl.com").
Is that possible?
If yes how?
Here is what I tried.
1) Place video on S3 Bucket.
And setup the guideline.
"Version": "2012-10-17",
"Id": "http referer policy example",
"Statement": [
{
"Sid": "Allow get requests originating from www.example.com and example.com.",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::mybucketname/*",
"Condition": {
"StringLike": {
"aws:Referer": "https://app.sampleurl.at/*"
}
}
}
]
}
It doesn't seem to to what I want. All I can do is change the ACL on file level to either be accessible for everyone or for none.
amazon-s3
add a comment |
up vote
0
down vote
favorite
My requirement is to be able to load videos via https only from a particular URL (e.g. "https://www.app.myurl.com").
Is that possible?
If yes how?
Here is what I tried.
1) Place video on S3 Bucket.
And setup the guideline.
"Version": "2012-10-17",
"Id": "http referer policy example",
"Statement": [
{
"Sid": "Allow get requests originating from www.example.com and example.com.",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::mybucketname/*",
"Condition": {
"StringLike": {
"aws:Referer": "https://app.sampleurl.at/*"
}
}
}
]
}
It doesn't seem to to what I want. All I can do is change the ACL on file level to either be accessible for everyone or for none.
amazon-s3
Bear in mind that the Referer is whatever the user agent chooses to send in the request. There's nothing to prevent dishonest UAs from using any Referer value they like.
– Damien_The_Unbeliever
Nov 7 at 7:52
thanks for the hint. I will be aware of that.
– user3675091
Nov 7 at 10:10
add a comment |
up vote
0
down vote
favorite
up vote
0
down vote
favorite
My requirement is to be able to load videos via https only from a particular URL (e.g. "https://www.app.myurl.com").
Is that possible?
If yes how?
Here is what I tried.
1) Place video on S3 Bucket.
And setup the guideline.
"Version": "2012-10-17",
"Id": "http referer policy example",
"Statement": [
{
"Sid": "Allow get requests originating from www.example.com and example.com.",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::mybucketname/*",
"Condition": {
"StringLike": {
"aws:Referer": "https://app.sampleurl.at/*"
}
}
}
]
}
It doesn't seem to to what I want. All I can do is change the ACL on file level to either be accessible for everyone or for none.
amazon-s3
My requirement is to be able to load videos via https only from a particular URL (e.g. "https://www.app.myurl.com").
Is that possible?
If yes how?
Here is what I tried.
1) Place video on S3 Bucket.
And setup the guideline.
"Version": "2012-10-17",
"Id": "http referer policy example",
"Statement": [
{
"Sid": "Allow get requests originating from www.example.com and example.com.",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::mybucketname/*",
"Condition": {
"StringLike": {
"aws:Referer": "https://app.sampleurl.at/*"
}
}
}
]
}
It doesn't seem to to what I want. All I can do is change the ACL on file level to either be accessible for everyone or for none.
amazon-s3
amazon-s3
asked Nov 7 at 7:48
user3675091
1019
1019
Bear in mind that the Referer is whatever the user agent chooses to send in the request. There's nothing to prevent dishonest UAs from using any Referer value they like.
– Damien_The_Unbeliever
Nov 7 at 7:52
thanks for the hint. I will be aware of that.
– user3675091
Nov 7 at 10:10
add a comment |
Bear in mind that the Referer is whatever the user agent chooses to send in the request. There's nothing to prevent dishonest UAs from using any Referer value they like.
– Damien_The_Unbeliever
Nov 7 at 7:52
thanks for the hint. I will be aware of that.
– user3675091
Nov 7 at 10:10
Bear in mind that the Referer is whatever the user agent chooses to send in the request. There's nothing to prevent dishonest UAs from using any Referer value they like.
– Damien_The_Unbeliever
Nov 7 at 7:52
Bear in mind that the Referer is whatever the user agent chooses to send in the request. There's nothing to prevent dishonest UAs from using any Referer value they like.
– Damien_The_Unbeliever
Nov 7 at 7:52
thanks for the hint. I will be aware of that.
– user3675091
Nov 7 at 10:10
thanks for the hint. I will be aware of that.
– user3675091
Nov 7 at 10:10
add a comment |
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53185333%2fallow-videos-on-s3-bucket-to-be-loaded-only-from-a-particular-url%23new-answer', 'question_page');
}
);
Post as a guest
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Bear in mind that the Referer is whatever the user agent chooses to send in the request. There's nothing to prevent dishonest UAs from using any Referer value they like.
– Damien_The_Unbeliever
Nov 7 at 7:52
thanks for the hint. I will be aware of that.
– user3675091
Nov 7 at 10:10