Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

Can we create a signed cookies for different ressources path ?

0

Hi,

I want to know if it's possible to create signed cookies on different resources on aws cloudfront? for example: I want to authorize the path https://example.com/path1/* and the https://example.com/path2/*.

I use the create a function in php, and replace the ressoureKey by https://example.com/path1/* but, is it possible to add https://example.com/path2/*?

Thanks.

Enter image description here

Themen
Vernetzung & Bereitstellung von Inhalten
Tags
Amazon CloudFront
Sprache
English
Stephane
gefragt vor einem Monat77 Aufrufe
1 Antwort
1
Akzeptierte Antwort

I assume you are using PHP to send cookie to viewer. When you sent the set-cookie response header, you can specify the path it applies to

From PHP set-cookie

path

The path on the server in which the cookie will be available on. If set to '/', the cookie will be available within the entire domain. If set to '/foo/', the cookie will only be available within the /foo/ directory and all sub-directories such as /foo/bar/ of domain. The default value is the current directory that the cookie is being set in.

So you will generate 2 signed cookies and set it accordingly.

<?php
$arr_cookie_options1 = array (
                'expires' => time() + 60*60*24*30, 
                'path' => '/path1/', 
                'domain' => '.example.com', // leading dot for compatibility or use subdomain
                'secure' => true,     // or false
                'httponly' => true,    // or false
                'samesite' => 'None' // None || Lax  || Strict
                );
setcookie('CloudFront-Expires', 'SignedCookie Value1', $arr_cookie_options1);   

$arr_cookie_options2 = array (
                'expires' => time() + 60*60*24*30, 
                'path' => '/path2/', 
                'domain' => '.example.com', // leading dot for compatibility or use subdomain
                'secure' => true,     // or false
                'httponly' => true,    // or false
                'samesite' => 'None' // None || Lax  || Strict
                );
setcookie('CloudFront-Expires',  'SignedCookierValue2', $arr_cookie_options2);   
?>

Will need it to test though

AWS
EXPERTE
Mike_L
beantwortet vor einem Monat
profile picture
EXPERTE
Oleksii Bebych
überprüft vor einem Monat
profile picture
EXPERTE
Adeleke Adebowale J
überprüft vor einem Monat
  • Stephane
    vor einem Monat

    I'm not sure what you mean,

    What I'm trying to say is that it's possible to support multiple resources like this:

    https://xxx.cloudfront.net/audios/1/*
https://xxx.cloudfront.net/audios/2/*


$json = '{"Statement":[
    {
        "Resource":"'.$url.'",
        "Condition":{"DateLessThan":{"AWS:EpochTime":'.$expires.'}}
    },
    {
        "Resource":"'.$url2.'",
        "Condition":{"DateLessThan":{"AWS:EpochTime":'.$expires.'}}
    },
]}';

    note that to get the cookies I have to make a call to API gateway

  • Mike_L EXPERTE
    vor einem Monat

    I assume you are using PHP to set user cookie. Have updated my post. Hope this clarifies

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt