dylanvaughn / aws_cf_signer Goto Github PK
View Code? Open in Web Editor NEWRuby gem for signing AWS Cloudfront URLs for serving private content
License: MIT License
Ruby gem for signing AWS Cloudfront URLs for serving private content
License: MIT License
When using this gem to sign a CF URL for a resource with a wildcard and an expiration time, but no other options, the sign
method will create a canned policy querystring, rather than a custom policy query string.
Got it working with canned policy:
signer.sign("http://d253c4ja9jigvu.cloudfront.net/header-logotype-2.png", :ending => Time.now + 3600)
But when I tried:
signer.sign("http://d253c4ja9jigvu.cloudfront.net/header-logotype-2.png", :ending => Time.now + 36000, :resource => "http://*", :ip_range => "10.52.176.0/24")
To get a custom policy ip based signature I got an url which gave me "Malformed Policy" error from cloudfront.
If the canned one works the custom shouldn't require any other kind of configuration on cloudfront, right?
Am I doing it wrong?
Hello I am not sure if this gem is unsupported on jruby. But i keep getting this error. No insight on Stackoverflow.
NoMethodError: undefined method `=' for #Pathname:0x79d63a4f/.rvm/gems/jruby-1.7.19/gems/aws_cf_signer-0.1.3/lib/aws_cf_signer.rb:10
initialize at /
AWS announced signed cookies support a while back, a good use-case for them is to provide access to multiple restricted files.
The implementation is very similar to signed URLs, but trying to get the values from aws_cf_signer and sending them using cookies
in Rails didn't work. I added some attr_reader
s to signer and:
domain = 'd1z0hf3p8j4xla.cloudfront.net'
key = 'pk-APKAJVJCJ35TMRTR5DYQ.pem'
signer = AwsCfSigner.new(Rails.root.join(key).to_s)
url = signer.sign("http://#{domain}/folder2/stealz_logo3.png", ending: 2.day.from_now)
{ 'CloudFront-Expires' => signer.expires_at,
'CloudFront-Signature' => signer.signature,
'CloudFront-Key-Pair-Id' => signer.key_pair_id }.each do |key, value|
cookies[key] = { value: value, domain: domain, httponly: true, secure: true }
end
That url
being set works as intended, the problem is solely when setting the cookies and trying to read the object without the signed url.
Even I see the cookies coming down on the response (Google Chrome Developer Tools), I cannot find the cookies when I search for cloudfront.net in my cookies and I get a 403 Forbidden (<?xml version="1.0" encoding="UTF-8"?><Error><Code>MissingKey</Code><Message>Missing Key-Pair-Id query parameter or cookie value</Message></Error>
) when linking to the image.
...
Set-Cookie:CloudFront-Signature=NhbepC75buSNRcMiBDvK1T724whA%7EX88pzmEHJ%7E98aVFNMr0KtF3TRWsoD%7ET6Hr%7EEvJqehl6oFUCav4mJUFiSmL4i6Yf6aWkuTqnWWqUyDGqlm9Uq%7EpzIBAXu9Xpt54r3qxwxqTYE7%7ENDyfa1CJiTg1u7sUY266vQPFQqjZ3k5TETupabYFm4udKZCcIkaGtz2Ut2v8qrnM-gg0sTrPoamKBGcv0sAoZMhm%7EG5rF5%7EiEuOz0swo7vHga2dhA06phXup-bGjsoLnd2la-n0Xj%7E8aV6bwpvPpMpPbMTsN4Gr6Cu06iijpUYEUQ4VhDwgYZ4GRSOQWhPC22GtlHLb9o1g__; domain=d1z0hf3p8j4xla.cloudfront.net; path=/; secure; HttpOnly
Set-Cookie:CloudFront-Key-Pair-Id=APKAJVJCJ35TMRTR5DYQ; domain=d1z0hf3p8j4xla.cloudfront.net; path=/; secure; HttpOnly
Set-Cookie:CloudFront-Expires=1428865213; domain=d1z0hf3p8j4xla.cloudfront.net; path=/; secure; HttpOnly
...
...
<img src="http://d1z0hf3p8j4xla.cloudfront.net/folder2/stealz_logo3.png " alt="Stealz logo3">
...
UPDATE: Corrected response when requesting image.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.