New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CORS Issue #7

Closed
btknorr opened this Issue Feb 6, 2014 · 10 comments

Comments

Projects
None yet
7 participants
@btknorr

btknorr commented Feb 6, 2014

I have cors configured correctly for my s3 bucket, but when I run the test code (with config setup correctly), I always get the following error:

XMLHttpRequest cannot load https://kaleida-images.s3.amazonaws.com/. The request was redirected to 'https://kaleida-images.s3-us-west-2.amazonaws.com/', which is disallowed for cross-origin requests that require preflight.

Please advise on what I need to do to make this work. Thanks,

Brian

@tj

This comment has been minimized.

Show comment
Hide comment
@tj

tj Feb 8, 2014

Member

you have to edit the CORS policy on aws

Member

tj commented Feb 8, 2014

you have to edit the CORS policy on aws

@tj tj closed this Feb 8, 2014

@joshrtay

This comment has been minimized.

Show comment
Hide comment
@joshrtay

joshrtay Feb 10, 2014

i'm having a similar issue.

my s3 cors policy looks like this:

<CORSConfiguration>
 <CORSRule>
   <AllowedOrigin>*</AllowedOrigin>
   <AllowedMethod>GET</AllowedMethod>
   <AllowedMethod>PUT</AllowedMethod>
   <AllowedMethod>POST</AllowedMethod>
   <AllowedHeader>*</AllowedHeader>
  <MaxAgeSeconds>3000</MaxAgeSeconds>
  <ExposeHeader>x-amz-server-side-encryption</ExposeHeader>
  <ExposeHeader>x-amz-request-id</ExposeHeader>
  <ExposeHeader>x-amz-id-2</ExposeHeader>
 </CORSRule>
</CORSConfiguration>

if i change upload.bucketUrl to http://[mybucket].s3-us-west1.amaonaws.com/ it works. but that seems pretty hacky.

joshrtay commented Feb 10, 2014

i'm having a similar issue.

my s3 cors policy looks like this:

<CORSConfiguration>
 <CORSRule>
   <AllowedOrigin>*</AllowedOrigin>
   <AllowedMethod>GET</AllowedMethod>
   <AllowedMethod>PUT</AllowedMethod>
   <AllowedMethod>POST</AllowedMethod>
   <AllowedHeader>*</AllowedHeader>
  <MaxAgeSeconds>3000</MaxAgeSeconds>
  <ExposeHeader>x-amz-server-side-encryption</ExposeHeader>
  <ExposeHeader>x-amz-request-id</ExposeHeader>
  <ExposeHeader>x-amz-id-2</ExposeHeader>
 </CORSRule>
</CORSConfiguration>

if i change upload.bucketUrl to http://[mybucket].s3-us-west1.amaonaws.com/ it works. but that seems pretty hacky.

@btknorr

This comment has been minimized.

Show comment
Hide comment
@btknorr

btknorr Feb 11, 2014

Same here...my CORS policy is setup correctly and when I change my bucketUrl to http://[mybucket].s3-us-west1.amaonaws.com/ it works as well.

btknorr commented Feb 11, 2014

Same here...my CORS policy is setup correctly and when I change my bucketUrl to http://[mybucket].s3-us-west1.amaonaws.com/ it works as well.

@btknorr

This comment has been minimized.

Show comment
Hide comment
@btknorr

btknorr Feb 11, 2014

Can we get this issue re-opened? Or should we create a new one?

btknorr commented Feb 11, 2014

Can we get this issue re-opened? Or should we create a new one?

@joshrtay

This comment has been minimized.

Show comment
Hide comment
@joshrtay

joshrtay Feb 11, 2014

not sure what happened (haven't changed any CORS settings or code), but today i'm not having this issue.

joshrtay commented Feb 11, 2014

not sure what happened (haven't changed any CORS settings or code), but today i'm not having this issue.

@btknorr

This comment has been minimized.

Show comment
Hide comment
@btknorr

btknorr Feb 12, 2014

Yep I just confirmed that it works now. I also noticed that S3 made a modification to my CORS policy which I did not make, which caused a different issue. So maybe S3 was just buggy the day we tried to use this component :)

btknorr commented Feb 12, 2014

Yep I just confirmed that it works now. I also noticed that S3 made a modification to my CORS policy which I did not make, which caused a different issue. So maybe S3 was just buggy the day we tried to use this component :)

@lsimoneau

This comment has been minimized.

Show comment
Hide comment
@lsimoneau

lsimoneau Jun 10, 2014

The reason his happens (and also the reason why it self-resolves), is that when you set up an S3 bucket, there's a certain time during which the global bucket URL is not available, so AWS redirects to the region-specific URL. From the documentation:

Temporary redirects automatically redirect users who do not have DNS information for the requested bucket. This occurs because DNS changes take time to propagate through the Internet. For example, if a user creates a bucket with a location constraint and immediately stores an object in the bucket, information about the bucket might not yet have been distributed throughout the Internet. Because the bucket is a subdomain of s3.amazonaws.com, Amazon S3 redirects it to the correct Amazon S3 location.

The redirect response that Amazon sends back when you request the global URL doesn't have CORS headers, so requests will fail until the DNS has propagated.

lsimoneau commented Jun 10, 2014

The reason his happens (and also the reason why it self-resolves), is that when you set up an S3 bucket, there's a certain time during which the global bucket URL is not available, so AWS redirects to the region-specific URL. From the documentation:

Temporary redirects automatically redirect users who do not have DNS information for the requested bucket. This occurs because DNS changes take time to propagate through the Internet. For example, if a user creates a bucket with a location constraint and immediately stores an object in the bucket, information about the bucket might not yet have been distributed throughout the Internet. Because the bucket is a subdomain of s3.amazonaws.com, Amazon S3 redirects it to the correct Amazon S3 location.

The redirect response that Amazon sends back when you request the global URL doesn't have CORS headers, so requests will fail until the DNS has propagated.

@caspyin

This comment has been minimized.

Show comment
Hide comment
@caspyin

caspyin Aug 12, 2014

@lsimoneau You're the best! Thanks for clarifying why this happened. This helped me on a totally unrelated project.

caspyin commented Aug 12, 2014

@lsimoneau You're the best! Thanks for clarifying why this happened. This helped me on a totally unrelated project.

@volumetric

This comment has been minimized.

Show comment
Hide comment
@volumetric

volumetric commented Nov 24, 2014

Thanks @lsimoneau

@DavyCode

This comment has been minimized.

Show comment
Hide comment
@DavyCode

DavyCode Sep 7, 2018

I am using AWS sdk for uploads, after spending some time searching online i stumbled upon this thread. thanks to @lsimoneau 45581857 its turns out the exact same thing was happening. I simply pointed my request Url to the region on my bucket by attaching the region property and it worked.

const s3 = new AWS.S3({
accessKeyId: config.awsAccessKeyID,
secretAccessKey: config.awsSecretAccessKey,
region: 'eu-west-2' // add region here
});

DavyCode commented Sep 7, 2018

I am using AWS sdk for uploads, after spending some time searching online i stumbled upon this thread. thanks to @lsimoneau 45581857 its turns out the exact same thing was happening. I simply pointed my request Url to the region on my bucket by attaching the region property and it worked.

const s3 = new AWS.S3({
accessKeyId: config.awsAccessKeyID,
secretAccessKey: config.awsSecretAccessKey,
region: 'eu-west-2' // add region here
});

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment