mardi 21 avril 2015

I am using Amazon S3 and have this in my "Edit CORS Configuration"

<CORSRule>
    <AllowedOrigin>*</AllowedOrigin>
    <AllowedMethod>POST</AllowedMethod>
    <MaxAgeSeconds>3000</MaxAgeSeconds>
    <ExposeHeader>ETag</ExposeHeader>
    <AllowedHeader>*</AllowedHeader>
</CORSRule>

I want to restrict to my domain.

Without www, I can only access with http and not www

<AllowedOrigin>http://ift.tt/1HOQZQX;

With www, I can only access with www and not only http

<AllowedOrigin>http://ift.tt/1G2tcs3;

This is not working with wildcard

    <AllowedOrigin>http://ift.tt/1HOQZQZ;

or

<AllowedOrigin>*.domain.com</AllowedOrigin>

How should I write my <AllowedOrigin> to allow both http://domain.com and http://www.domain.com? Do I need to have two <CORSRule>?




Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)