问题
Does Amazon S3 allow custom headers? Or am I out of luck?
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Headers: X-SOMETHING
Access-Control-Max-Age: 1728000
Example
var request = new XMLHttpRequest();
var url = 'http://example.s3.amazonaws.com/templates/welcome.html';
function callOtherDomain(){
request.open('GET', url, true);
request.withCredentials = "true";
request.onreadystatechange = handler;
request.send();
}
回答1:
CORS is now officially supported on S3: http://docs.amazonwebservices.com/AmazonS3/latest/dev/cors.html
回答2:
Currently, there is limited number of standrd http headers supported by s3.
Access-Control-Allow-* headers are not supported at this time: https://forums.aws.amazon.com/thread.jspa?threadID=34281&tstart=0
UPDATE:
Support for Cross-Origin Resource Sharing is added: https://forums.aws.amazon.com/ann.jspa?annID=1620
S3 Browser Freeware also supports this feature: http://s3browser.com/s3-bucket-cors-configuration.php
回答3:
The list of supported HTTP headers can be found here: http://docs.amazonwebservices.com/AmazonS3/latest/API/index.html?RESTObjectPUT.html
回答4:
Today Amazon announces the complete support for CORS, so you can now use HTML5 for example for Drag & Drop files directly to Amazon S3.
来源:https://stackoverflow.com/questions/4717006/amazon-s3-and-cross-origin-resource-sharing-cors