google 加上用户代理的 Aws S3 存储桶策略
Aws S3 bucket policy for google plus user agent
网上冲浪后我终于知道google+使用这个用户代理“Google (+https://developers.google.com/+/web/snippet/)”
但是当我在我的 S3 存储桶策略中将此用户代理列入白名单时,它不知何故不起作用。这是用户代理的 S3 策略。任何帮助将不胜感激。
{
"Version": "2008-10-17",
"Statement": [
{
"Sid": "Allow in my domains",
"Effect": "Allow",
"Principal": {
"AWS": "*"
},
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::awesomebucket/*",
"Condition": {
"StringEquals": {
"aws:UserAgent": [
"Twitterbot/",
"Google (+https://developers.google.com/+/web/snippet/)",
"facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php)"
]
}
}
},
{
"Sid": "Deny access if referer is not my sites",
"Effect": "Deny",
"Principal": {
"AWS": "*"
},
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::awesomebucket/*",
"Condition": {
"StringNotEquals": {
"aws:UserAgent": [
"Twitterbot/",
"Google (+https://developers.google.com/+/web/snippet/)",
"facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php)"
]
}
}
}
]}
Your web server will see a request with the user agent containing the following text
您使用的 AWS 字符串条件是精确匹配器,但 Google+ UA 只包含该字符串。实际的 UA 看起来像这样:
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.75 Safari/537.36 Google (+https://developers.google.com/+/web/snippet/)
您需要使用 StringLike 条件或类似条件。
网上冲浪后我终于知道google+使用这个用户代理“Google (+https://developers.google.com/+/web/snippet/)” 但是当我在我的 S3 存储桶策略中将此用户代理列入白名单时,它不知何故不起作用。这是用户代理的 S3 策略。任何帮助将不胜感激。
{
"Version": "2008-10-17",
"Statement": [
{
"Sid": "Allow in my domains",
"Effect": "Allow",
"Principal": {
"AWS": "*"
},
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::awesomebucket/*",
"Condition": {
"StringEquals": {
"aws:UserAgent": [
"Twitterbot/",
"Google (+https://developers.google.com/+/web/snippet/)",
"facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php)"
]
}
}
},
{
"Sid": "Deny access if referer is not my sites",
"Effect": "Deny",
"Principal": {
"AWS": "*"
},
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::awesomebucket/*",
"Condition": {
"StringNotEquals": {
"aws:UserAgent": [
"Twitterbot/",
"Google (+https://developers.google.com/+/web/snippet/)",
"facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php)"
]
}
}
}
]}
Your web server will see a request with the user agent containing the following text
您使用的 AWS 字符串条件是精确匹配器,但 Google+ UA 只包含该字符串。实际的 UA 看起来像这样:
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.75 Safari/537.36 Google (+https://developers.google.com/+/web/snippet/)
您需要使用 StringLike 条件或类似条件。