Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

Can we create a signed cookies for different ressources path ?

0

Hi,

I want to know if it's possible to create signed cookies on different resources on aws cloudfront? for example: I want to authorize the path https://example.com/path1/* and the https://example.com/path2/*.

I use the create a function in php, and replace the ressoureKey by https://example.com/path1/* but, is it possible to add https://example.com/path2/*?

Thanks.

Enter image description here

Temas
Redes y entrega de contenido
Etiquetas
Amazon CloudFront
Idioma
English
Stephane
preguntada hace un mes97 visualizaciones
1 Respuesta
1
Respuesta aceptada

I assume you are using PHP to send cookie to viewer. When you sent the set-cookie response header, you can specify the path it applies to

From PHP set-cookie

path

The path on the server in which the cookie will be available on. If set to '/', the cookie will be available within the entire domain. If set to '/foo/', the cookie will only be available within the /foo/ directory and all sub-directories such as /foo/bar/ of domain. The default value is the current directory that the cookie is being set in.

So you will generate 2 signed cookies and set it accordingly.

<?php
$arr_cookie_options1 = array (
                'expires' => time() + 60*60*24*30, 
                'path' => '/path1/', 
                'domain' => '.example.com', // leading dot for compatibility or use subdomain
                'secure' => true,     // or false
                'httponly' => true,    // or false
                'samesite' => 'None' // None || Lax  || Strict
                );
setcookie('CloudFront-Expires', 'SignedCookie Value1', $arr_cookie_options1);   

$arr_cookie_options2 = array (
                'expires' => time() + 60*60*24*30, 
                'path' => '/path2/', 
                'domain' => '.example.com', // leading dot for compatibility or use subdomain
                'secure' => true,     // or false
                'httponly' => true,    // or false
                'samesite' => 'None' // None || Lax  || Strict
                );
setcookie('CloudFront-Expires',  'SignedCookierValue2', $arr_cookie_options2);   
?>

Will need it to test though

AWS
EXPERTO
Mike_L
respondido hace un mes
profile picture
EXPERTO
Oleksii Bebych
revisado hace un mes
profile picture
EXPERTO
Adeleke Adebowale J
revisado hace un mes
  • Stephane
    hace un mes

    I'm not sure what you mean,

    What I'm trying to say is that it's possible to support multiple resources like this:

    https://xxx.cloudfront.net/audios/1/*
https://xxx.cloudfront.net/audios/2/*


$json = '{"Statement":[
    {
        "Resource":"'.$url.'",
        "Condition":{"DateLessThan":{"AWS:EpochTime":'.$expires.'}}
    },
    {
        "Resource":"'.$url2.'",
        "Condition":{"DateLessThan":{"AWS:EpochTime":'.$expires.'}}
    },
]}';

    note that to get the cookies I have to make a call to API gateway

  • Mike_L EXPERTO
    hace un mes

    I assume you are using PHP to set user cookie. Have updated my post. Hope this clarifies

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante