iframs video can’t play because has blocked by referrer

Question

I have put referrer domain at s3 bucket but it’s seem due to the referrer the referrer has blocked iframe video can’t load video why I need answer can someone help me?

Answer

By default, video uploaded are restricted to public by default you would need to add more permissions to the object in your S3 bucket (which is the video)

**Follow the steps below to allow the video to load/play on your website.**
1. From the [Amazon S3 console](https://s3.console.aws.amazon.com/s3/), choose the bucket with the video
2. **Select** the video
3. Click on **Properties**
4. Click on **Permissions** Tab
5. Click on **Add more permissions**
6. By the **Grantee **field, select **Everyone**
7. Check the **Open/Download** or **View Permissions** box
8. Click on **Save**

**To Restric Access by referer:**
You can also prevent unauthorized access to your S3 bucket by referer. A referer is the URL of the webpage that a user is visiting when they request a resource from your S3 bucket. To restrict access to your S3 bucket by referer, you need to create a bucket policy that includes a statement that denies access to the bucket if the referer is not from a specific domain or set of domains.

>{\
> "Version": "2012-10-17",\
>   "Statement": [\
>      {\
>         "Sid": "RestrictAccessByReferer",\
>         "Effect": "Deny",\
>         "Principal": "*",\
>         "Action": "s3:GetObject",\
>         "Resource": "arn:aws:s3:::example-bucket/*",\
>         "Condition": {\
>            "StringNotLike": {\
>               "aws:Referer": [\
>                  "http://www.example.com/*",\
>                  "http://example.com/*"\
>               ]\
>            }\
>         }\
>      }\
>   ]\
>}

**Restrict Object Access based on HTTP referer header:**
If you want your bucket to be public, but only to users who are requesting object from a specific website, or when specific HTTP headers are present in the request, you can add a string requirement to the bucket policy by specifying which HTTP header must be present.
>{\
>"Version":"2012-10-17",\
>"Statement":[\
>{\
>"Sid":"AllowRequestHTTPHeader",\
>"Effect":"Allow",\
>"Principal":"*",\
>"Action":["s3:GetObject","s3:GetObjectVersion"],\
>"Resource":"arn:aws:s3:::example-bucket/*",\
>"Condition":{\
>"StringLike":{"aws:Referer":["http://www.example.com/*","http://example.com/*"]}\
>}\
>}\
>]\
>}

**NOTE:** This policy does not restrict any access to the bucket, but instead only grants access. If you wish to prevent any GET access to the bucket UNLESS it contains a specific HTTP header, then you would need to make a DENY policy. To do this, you can use DENY with a StringNotLike condition
>{\
>"Version":"2012-10-17",\
>"Statement":[\
>{\
>"Sid":"AllowOnlyRequestsHTTPHeader",\
>"Effect":"Deny",\
>"Principal":"*",\
>"Action":["s3:GetObject","s3:GetObjectVersion"],\
>"Resource":"arn:aws:s3:::example-bucket/*",\
>"Condition":{\
>"StringNotLike":{"aws:Referer":["http://www.example.com/*","http://example.com/*"]}\
>}\
>}\
>]\
>}

[Reference]\
[How can I grant public read access to some objects in my Amazon S3 bucket?](https://repost.aws/knowledge-center/read-access-objects-s3-bucket)\
[Bucket policy examples](https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html)

iframs video can’t play because has blocked by referrer

相关内容