生成格式为s3.amazonaws.com/bucket.name的预签名URL

本文介绍了生成格式为s3.amazonaws.com/bucket.name的预签名URL的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我正在生成预签名的url，但是由于带有* .s3.amazonaws证书，因此对于带有句点和SSL的存储桶名称是有问题的，如下所述: http://shlomoswidler.com/2009/08/amazon -s3-gotcha-using-virtual-host.html

I'm generating presigned urls but its problematic for bucket names with periods and SSL because of the *.s3.amazonaws certificate, as described here:http://shlomoswidler.com/2009/08/amazon-s3-gotcha-using-virtual-host.html

是否可以使用以下格式生成网址?: http://s3.amazonaws.com/bucket.name/key

Is there a way to generate urls with the following format?:http://s3.amazonaws.com/bucket.name/key

我在API中没有看到任何选项.我猜我可以通过重新排列URL来手动"完成操作，但是我宁愿避免不必要的黑客攻击.

I didn't see an option in the API. I'm guessing I can do it "manually" by rearranging the url, but I'd rather avoid a hack if its not necessary.

根据迈克尔的回答，这里是我现在使用的代码:

Based on Michael's answer here is the code I'm now using:

public static URL bucketNameAfterS3Url(URL url) {

    int index = url.getHost().indexOf("s3");
    String host = url.getHost().substring(index);
    String bucket = url.getHost().substring(0, index - 1);
    URL toUse;
    try {
        toUse = new URL(url.getProtocol(), host, url.getPort(), '/' + bucket + url.getFile());
    } catch (MalformedURLException e) {
    }
    return toUse;
}

推荐答案

目前尚无任何官方方法，但是由于可能的模式有限，字符串操作并不像看起来那样粗略.值区名称不能包含斜线，因此查找其他元素非常安全.

There isn't any official way to do this, but string manipulation isn't as sketchy as it seems, since the possible patterns are limited. Bucket names can't contain a slash, and finding the other elements is pretty safe.

一个重要的考虑因素是区域及其对URL有效组合的影响.

One important consideration is the region, and how it impacts the valid combinations of URL.

在存储区"example-bucket"中考虑"lolcat.jpg" ...

Consider "lolcat.jpg" in bucket "example-bucket"...

https://example-bucket.s3.amazonaws.com/lolcat.jpg
https://s3.amazonaws.com/example-bucket/lolcat.jpg

如果存储桶位于美国标准区域，则这两个网址仅等效于 .

These two urls are equivalent only if the bucket is in the US-Standard region.

如果没有，最上面的一个可以工作，但是最下面的一个会返回一条错误消息，告诉您您使用了错误的端点.

If not, the top one works, but the bottom one will return an error message telling you that you are using the wrong endpoint.

对于其他区域，您必须使用正确的区域端点.如果是us-west-2，则实际上是:

For other regions, you have to use the correct regional endpoint. If us-west-2, this would actually be:

https://s3-us-west-2.amazonaws.com/example-bucket/lolcat.jpg

因此，您必须先了解存储区的区域，然后才能转置URL中的元素.

So, you have to know the bucket's region before you can transpose elements in the URL.

如果您使用的是签名版本4，则您已经知道该区域，因为生成签名需要此区域.使用签名版本2，由于该算法的详细信息，您甚至可以在对URL进行签名后在中重新排列存储桶名称的位置，而不会使签名无效.

If you are using Signature Version 4, then you already know the region, because it's needed in order to generate the signature. With Signature Version 2, you can even rearrange the position of the bucket name in the URL after signing the URL without invalidating the signature, because of the details of that algorithm.

这篇关于生成格式为s3.amazonaws.com/bucket.name的预签名URL的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！