Ao usar o AWS re:Post, você concorda com os AWS re:Post Termos de uso
AWS re:Postre:Post

Can we create a signed cookies for different ressources path ?

0

Hi,

I want to know if it's possible to create signed cookies on different resources on aws cloudfront? for example: I want to authorize the path https://example.com/path1/* and the https://example.com/path2/*.

I use the create a function in php, and replace the ressoureKey by https://example.com/path1/* but, is it possible to add https://example.com/path2/*?

Thanks.

Enter image description here

Tópicos
Rede e entrega de conteúdo
Tags
Amazon CloudFront
Idioma
English
Stephane
feita há um mês82 visualizações
1 Resposta
1
Resposta aceita

I assume you are using PHP to send cookie to viewer. When you sent the set-cookie response header, you can specify the path it applies to

From PHP set-cookie

path

The path on the server in which the cookie will be available on. If set to '/', the cookie will be available within the entire domain. If set to '/foo/', the cookie will only be available within the /foo/ directory and all sub-directories such as /foo/bar/ of domain. The default value is the current directory that the cookie is being set in.

So you will generate 2 signed cookies and set it accordingly.

<?php
$arr_cookie_options1 = array (
                'expires' => time() + 60*60*24*30, 
                'path' => '/path1/', 
                'domain' => '.example.com', // leading dot for compatibility or use subdomain
                'secure' => true,     // or false
                'httponly' => true,    // or false
                'samesite' => 'None' // None || Lax  || Strict
                );
setcookie('CloudFront-Expires', 'SignedCookie Value1', $arr_cookie_options1);   

$arr_cookie_options2 = array (
                'expires' => time() + 60*60*24*30, 
                'path' => '/path2/', 
                'domain' => '.example.com', // leading dot for compatibility or use subdomain
                'secure' => true,     // or false
                'httponly' => true,    // or false
                'samesite' => 'None' // None || Lax  || Strict
                );
setcookie('CloudFront-Expires',  'SignedCookierValue2', $arr_cookie_options2);   
?>

Will need it to test though

AWS
ESPECIALISTA
Mike_L
respondido há um mês
profile picture
ESPECIALISTA
Oleksii Bebych
avaliado há um mês
profile picture
ESPECIALISTA
Adeleke Adebowale J
avaliado há um mês
  • Stephane
    há um mês

    I'm not sure what you mean,

    What I'm trying to say is that it's possible to support multiple resources like this:

    https://xxx.cloudfront.net/audios/1/*
https://xxx.cloudfront.net/audios/2/*


$json = '{"Statement":[
    {
        "Resource":"'.$url.'",
        "Condition":{"DateLessThan":{"AWS:EpochTime":'.$expires.'}}
    },
    {
        "Resource":"'.$url2.'",
        "Condition":{"DateLessThan":{"AWS:EpochTime":'.$expires.'}}
    },
]}';

    note that to get the cookies I have to make a call to API gateway

  • Mike_L ESPECIALISTA
    há um mês

    I assume you are using PHP to set user cookie. Have updated my post. Hope this clarifies

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas

Conteúdo relevante