Can't use AWS S3 objects on a page that requires Basic Auth2019 Community Moderator ElectionDoes Amazon S3 support HTTP request with basic authenticationOrigin header missing from cross origin request to S3 on ChromeAWS S3 - CORS OPTIONS Preflight throwing 400 Bad Request during DELETE w/ VersionIdS3 PUT Bucket to a location endpoint results in a MalformedXML exceptionAmazon S3 server's bucket url fire XMLhttp request can not load error for PDF.js libraryCORS error with listBuckets in AWS JS SDKAWS Java SDK Error Message: The authorization header is malformed; the authorization header requires three componentsXMLHttpRequest - AWS API Gateway No 'Access-Control-Allow-Origin' header is present on the requested resourceWhy can't I delete an object in a s3 bucket with the AWS javascript sdk?How to configure S3 bucket to allow POSTs to API Gateway without 405 erroramazon S3 Failed to load resource: the server responded with a status of 403 (Forbidden)
Can infringement of a trademark be pursued for using a company's name in a sentence?
What happens with multiple copies of Humility and Glorious Anthem on the battlefield?
Why does Deadpool say "You're welcome, Canada," after shooting Ryan Reynolds in the end credits?
"However" used in a conditional clause?
Extension of Splitting Fields over An Arbitrary Field
What is the difference between "shut" and "close"?
Sword in the Stone story where the sword was held in place by electromagnets
Best approach to update all entries in a list that is paginated?
Does Linux have system calls to access all the features of the file systems it supports?
Co-worker team leader wants to inject the crap software product of his friends into our development. What should I say to our common boss?
How to make readers know that my work has used a hidden constraint?
Is a lawful good "antagonist" effective?
Should QA ask requirements to developers?
What is the definition of "Natural Selection"?
Is having access to past exams cheating and, if yes, could it be proven just by a good grade?
What is the dot in “1.2.4."
Single word request: Harming the benefactor
It's a yearly task, alright
Playing ONE triplet (not three)
Latest web browser compatible with Windows 98
My adviser wants to be the first author
What is the blue range indicating on this manifold pressure gauge?
Good allowance savings plan?
What does おとこえしや mean?
Can't use AWS S3 objects on a page that requires Basic Auth
2019 Community Moderator ElectionDoes Amazon S3 support HTTP request with basic authenticationOrigin header missing from cross origin request to S3 on ChromeAWS S3 - CORS OPTIONS Preflight throwing 400 Bad Request during DELETE w/ VersionIdS3 PUT Bucket to a location endpoint results in a MalformedXML exceptionAmazon S3 server's bucket url fire XMLhttp request can not load error for PDF.js libraryCORS error with listBuckets in AWS JS SDKAWS Java SDK Error Message: The authorization header is malformed; the authorization header requires three componentsXMLHttpRequest - AWS API Gateway No 'Access-Control-Allow-Origin' header is present on the requested resourceWhy can't I delete an object in a s3 bucket with the AWS javascript sdk?How to configure S3 bucket to allow POSTs to API Gateway without 405 erroramazon S3 Failed to load resource: the server responded with a status of 403 (Forbidden)
I am trying to use S3-hosted fonts on a page that requires Basic Authentication. S3 responds with the 400 status code and no response body.
This seems to happen if any type of Authorization header is sent along with the request to the page.
Demo available here: https://seidat-demos.herokuapp.com/demo-pdf-font/index.html (Include the Authorization header, e.g. Basic dXNlcjpwYXNz).
Bucket CORS settings:
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>https://seidat-demos.herokuapp.com</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<MaxAgeSeconds>3000</MaxAgeSeconds>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>
I'm aware that making GET requests to S3 objects directly with Basic Auth headers will cause a 400 error, but that doesn't seem to be the case here.
amazon-web-services amazon-s3
asked Mar 6 at 17:32
artemartem
164
add a comment |
I am trying to use S3-hosted fonts on a page that requires Basic Authentication. S3 responds with the 400 status code and no response body.
This seems to happen if any type of Authorization header is sent along with the request to the page.
Demo available here: https://seidat-demos.herokuapp.com/demo-pdf-font/index.html (Include the Authorization header, e.g. Basic dXNlcjpwYXNz).
Bucket CORS settings:
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>https://seidat-demos.herokuapp.com</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<MaxAgeSeconds>3000</MaxAgeSeconds>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>
I'm aware that making GET requests to S3 objects directly with Basic Auth headers will cause a 400 error, but that doesn't seem to be the case here.
amazon-web-services amazon-s3
asked Mar 6 at 17:32
artemartem
164
add a comment |
I am trying to use S3-hosted fonts on a page that requires Basic Authentication. S3 responds with the 400 status code and no response body.
This seems to happen if any type of Authorization header is sent along with the request to the page.
Demo available here: https://seidat-demos.herokuapp.com/demo-pdf-font/index.html (Include the Authorization header, e.g. Basic dXNlcjpwYXNz).
Bucket CORS settings:
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>https://seidat-demos.herokuapp.com</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<MaxAgeSeconds>3000</MaxAgeSeconds>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>
I'm aware that making GET requests to S3 objects directly with Basic Auth headers will cause a 400 error, but that doesn't seem to be the case here.
amazon-web-services amazon-s3
asked Mar 6 at 17:32
artemartem
164
I am trying to use S3-hosted fonts on a page that requires Basic Authentication. S3 responds with the 400 status code and no response body.
This seems to happen if any type of Authorization header is sent along with the request to the page.
Demo available here: https://seidat-demos.herokuapp.com/demo-pdf-font/index.html (Include the Authorization header, e.g. Basic dXNlcjpwYXNz).
Bucket CORS settings:
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>https://seidat-demos.herokuapp.com</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<MaxAgeSeconds>3000</MaxAgeSeconds>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>
I'm aware that making GET requests to S3 objects directly with Basic Auth headers will cause a 400 error, but that doesn't seem to be the case here.
amazon-web-services amazon-s3
amazon-web-services amazon-s3
asked Mar 6 at 17:32
artemartem
164
asked Mar 6 at 17:32
artemartem
164
asked Mar 6 at 17:32
artemartem
164
asked Mar 6 at 17:32
artemartem
164
asked Mar 6 at 17:32
artemartem
164
164
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
Making request with Authorization header on S3 REST API endpoint will cause the bad request error because S3 uses it for sigv4. 1. Static website endpoint won't give this error but it doesn't work on https. 2. Have you try this: Does Amazon S3 support HTTP request with basic authentication
answered Mar 6 at 19:13
James DeanJames Dean
612
My question is more about why I can't have those fonts on the page. TheAuthorizationheader is clearly not sent to S3 when the page requests those resources.
– artem
Mar 7 at 10:19
add a comment |
Your Answer
StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55029017%2fcant-use-aws-s3-objects-on-a-page-that-requires-basic-auth%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
Making request with Authorization header on S3 REST API endpoint will cause the bad request error because S3 uses it for sigv4. 1. Static website endpoint won't give this error but it doesn't work on https. 2. Have you try this: Does Amazon S3 support HTTP request with basic authentication
answered Mar 6 at 19:13
James DeanJames Dean
612
My question is more about why I can't have those fonts on the page. TheAuthorizationheader is clearly not sent to S3 when the page requests those resources.
– artem
Mar 7 at 10:19
add a comment |
Making request with Authorization header on S3 REST API endpoint will cause the bad request error because S3 uses it for sigv4. 1. Static website endpoint won't give this error but it doesn't work on https. 2. Have you try this: Does Amazon S3 support HTTP request with basic authentication
answered Mar 6 at 19:13
James DeanJames Dean
612
My question is more about why I can't have those fonts on the page. TheAuthorizationheader is clearly not sent to S3 when the page requests those resources.
– artem
Mar 7 at 10:19
add a comment |
Making request with Authorization header on S3 REST API endpoint will cause the bad request error because S3 uses it for sigv4. 1. Static website endpoint won't give this error but it doesn't work on https. 2. Have you try this: Does Amazon S3 support HTTP request with basic authentication
answered Mar 6 at 19:13
James DeanJames Dean
612
Making request with Authorization header on S3 REST API endpoint will cause the bad request error because S3 uses it for sigv4. 1. Static website endpoint won't give this error but it doesn't work on https. 2. Have you try this: Does Amazon S3 support HTTP request with basic authentication
answered Mar 6 at 19:13
James DeanJames Dean
612
answered Mar 6 at 19:13
James DeanJames Dean
612
answered Mar 6 at 19:13
James DeanJames Dean
612
answered Mar 6 at 19:13
James DeanJames Dean
612
612
My question is more about why I can't have those fonts on the page. TheAuthorizationheader is clearly not sent to S3 when the page requests those resources.
– artem
Mar 7 at 10:19
add a comment |
My question is more about why I can't have those fonts on the page. TheAuthorizationheader is clearly not sent to S3 when the page requests those resources.
– artem
Mar 7 at 10:19
My question is more about why I can't have those fonts on the page. The
Authorization header is clearly not sent to S3 when the page requests those resources.– artem
Mar 7 at 10:19
My question is more about why I can't have those fonts on the page. The
Authorization header is clearly not sent to S3 when the page requests those resources.– artem
Mar 7 at 10:19
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55029017%2fcant-use-aws-s3-objects-on-a-page-that-requires-basic-auth%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
