amazon-web-services - 在 S3 存储桶中配置 CORS 无效
问题描述
我正在尝试在我的 S3 存储桶上配置 CORS 策略,以允许它与 snap.berkeley.edu 正确通信。但是,我在部署到 S3 后收到以下错误,在使用 localhost 进行测试时没有收到:
Access to XMLHttpRequest at 'https://cloud.snap.berkeley.edu/api/v1/init' from origin 'https://soundscope-website-beta.s3.amazonaws.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
我已经将其更改为以下 xml。但是,这样做并没有改变错误消息。
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>https://snap.berkeley.edu</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<AllowedMethod>PUT</AllowedMethod>
<AllowedMethod>POST</AllowedMethod>
<AllowedMethod>DELETE</AllowedMethod>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
<CORSRule>
<AllowedOrigin>https://cloud.snap.berkeley.edu</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<AllowedMethod>PUT</AllowedMethod>
<AllowedMethod>POST</AllowedMethod>
<AllowedMethod>DELETE</AllowedMethod>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>
我是否正确配置了 CORS 策略?这是 snap.berkeley.edu 的问题,而不是我在 AWS 上的问题吗?任何帮助/建议将不胜感激。
编辑:尝试使用代理后,我在 localhost 上收到以下错误:
Access to XMLHttpRequest at 'https://cors-anywhere.herokuapp.com/https://cloud.snap.berkeley.edu/api/v1/init' from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
POST https://cors-anywhere.herokuapp.com/https://cloud.snap.berkeley.edu/api/v1/init net::ERR_FAILED
以及来自 s3 存储桶的以下错误:
Access to XMLHttpRequest at 'https://cors-anywhere.herokuapp.com/https://cloud.snap.berkeley.edu/api/v1/init' from origin 'https://soundscope-website-beta.s3.amazonaws.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
解决方案
推荐阅读
- javascript - 在 JavaScript 前端应用程序上读取大型 CSV 文件
- angular - ng-select 中的可访问性问题
- mysql - b轮询失败;您的 SQL 语法有错误;检查与您的 MySQL 服务器版本相对应的手册以获取正确的语法
- c# - 如何在单击注销按钮时注销jwt令牌单击c#使用dotnet core
- xamarin.android - 缺少 SimpleExoPlayerView 播放器属性
- elasticsearch - ELK 的问题:ElasticSearch + kibana + Searchguard
- abap - 以编程方式使用 GOS 对象在 MB51 中创建注释
- amazon-web-services - AWS IAM / CMK 传播时间
- c# - 将 DataGridView 从一个窗体复制到另一个窗体
- reactjs - 我可以将 redux 操作与 react 组件分开发送吗?