AWS Cloudfront Signed Cookie无法在备用域上运行

Problem

I have Access Denied for GET request to cloudfront with signed cookies using both canned and custom policy.

Details

cdn.example.com is the alternate domain of abc.cloudfront.net, and CNAME is set on both cloudfront and cloudflare.
I expect after abc.example.com/authorize, cdn.example.com is accessible.
I am using PHP with Laravel behind abc.example.com/authroize, and the code is as follows.

```

$cloudFront = new Aws\CloudFront\CloudFrontClient([
    'region'  => 'us-west-2',
    'version' => '2014-11-06'
]);

$resourceKey = 'http://cdn.example.com';
$expires = time() + 300;

$signedCookieCannedPolicy = $cloudFront->getSignedCookie([
        'url'         => $resourceKey,
        'expires'     => $expires,
        'private_key' => 'pk.pem',
        'key_pair_id' => 'XXXXXXXXXXXXXX',
]);

$response = Response::success();
foreach ($signedCookieCannedPolicy as $name => $value) {
    $response->withCookie(Cookie::make($name, $value, 360, null, 'example.com'));
}

return $response;

```

The cookies are set for .example.com

When I go to cdn.example.com, the following message is shown

Thanks in advance.

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

1条回答默认最新

关注

码龄粉丝数原力等级 --

被采纳

被点赞

采纳率
drjv5597 2016-10-20 07:16
关注
Turns out the issue was due to the encrypted cookies. You might want to check: https://laravel.com/api/5.2/Illuminate/Cookie/CookieJar.html#method_make And if you are using Laravel 5.2, make sure you added exception if you used middleware to encrypt.

本回答被题主选为最佳回答 , 对您是否有帮助呢?

解决无用
评论打赏
分享
举报

评论

按下Enter换行，Ctrl+Enter发表内容

报告相同问题？

关注问题

AWS Cloudfront Signed Cookie无法在备用域上运行 php
2016-05-06 03:38

回答 1 已采纳 Turns out the issue was due to the encrypted cookies. You might want to check: https://laravel.com
MongoDB PHP驱动程序无法在Ubuntu AWS上运行 mongodb php
2019-04-13 19:29

回答 1 已采纳 I tried to install driver using sudo apt-get install php-mongodb and it works.
Aws Php SDk - 使用硬编码凭证创建Cloudfront分发 php
2019-05-07 07:02

回答 1 已采纳 The solution was to create the cloudfront client like this $client = Aws\CloudFront\CloudFrontC
AWS认证解决方案架构助理 - AWS CloudFront笔记
2020-07-16 14:51

小朋友2D的博客 A url with provided temporary access to cached objects Signed Cookies A cookie which is passed along with the request to CloudFront. The advantage of using a Cookie is you want to provide access to ...
MongoDB PHP驱动程序无法在Linux AWS上运行 mongodb php
2017-01-06 05:43

回答 3 已采纳 I had faced the same situation and i got this solution from mongo developers You don't need to pu
Aws CloudFront格式错误的政策 php
2016-07-02 17:09

回答 1 已采纳 Your custom policy looks like an S3/IAM policy statement. That's not the kind of policy document
在AWS上托管角色应用程序使用php angular php
2018-10-22 14:19

回答 2 已采纳 If you want to do this on AWS you will need an EC2 instance to run your dynamic queries to the dat
AWS之S3套CloudFront的CDN
2021-04-07 16:21

亚林瓜子的博客需要给S3访问套一层CDN，AWS的CDN是CloudFront。解决主要步骤创建公私钥密钥对创建配置密钥组创建CloudFront分配测试（Java签名URL）创建公私钥密钥对生成私钥文件 openssl genrsa -out private_key.pem ...
您可以使用Java语言以外的其他语言通过Lambda @ Edge修改AWS CloudFront事件上的URI吗？
2019-03-21 14:23

回答 1 已采纳 Lambda@Edge supports only Node.js runtimes. You must create functions with the nodejs6.10 or n
使用PHP在AWS EC2实例上运行Apache2网站 apache php
2014-02-24 20:08

回答 1 已采纳 Sounds like a mimetype issue. You might add this to your .htaccess (or to your main apache conf):
在AWS s3 php amazon sdk上清除缓存 php
2016-12-19 11:39

回答 1 已采纳 It seems that your question is not about S3, but about CloudFront. You can use AWS SDK for PHP to
25. Amazon CloudFront
2021-09-07 11:48

JessicaWind的博客 Amazon CloudFront is a web service that speeds up distribution of your static and dynamic web content, such as .html, .css, .js, and image files, to your users.
为什么我的简报形式无法在Amazon CloudFront上运行？ javascript php
2014-12-20 03:05

回答 1 已采纳 Please make sure your CloudFront distribution is actually configured to handle POST/PUT requests.
AWS Certification - Component Comparision
2022-10-07 16:37

fanlei77的博客 WebSocket No Yes Authentication provide an SSL certificate (a self-signed certificate is fine, BTW). This provides end-to-end encryption, which is a usual requirement in many compliance programs. ...
亚马逊登陆显示服务器出错,Amazon CloudFront常见错误配置及解决方法
2021-08-13 19:01

weixin_39705435的博客很多的用户在最初使用CloudFront做Web类内容分发的时候遇到无法调通的情况，本文总结了用户在配置过程中遇到的常见错误，内容涵盖了大部分用户遇到的情况。错误一源访问权限未放开这种错误常见于用S3做源的情况, ...
没有解决我的问题, 去提问

悬赏问题

¥15 matlab实现基于主成分变换的图像融合。
¥15 对于相关问题的求解与代码
¥15 ubuntu子系统密码忘记
¥15 信号傅里叶变换在matlab上遇到的小问题请求帮助
¥15 保护模式-系统加载-段寄存器
¥15 电脑桌面设定一个区域禁止鼠标操作
¥15 求NPF226060磁芯的详细资料
¥15 使用R语言marginaleffects包进行边际效应图绘制
¥20 usb设备兼容性问题
¥15 错误(10048): “调用exui内部功能”库命令的参数“参数4”不能接受空数据。怎么解决啊

AWS Cloudfront Signed Cookie无法在备用域上运行

Problem

Details

1条回答 默认 最新

悬赏问题

1条回答默认最新